--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2018-d92fde52d7
2018-07-01 02:36:41.993910
--------------------------------------------------------------------------------Name        : kernel
Product     : Fedora 28
Version     : 4.17.3
Release     : 200.fc28
URL         : https://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------Update Information:

The v4.17.3 update contains important fixes across the tree.
--------------------------------------------------------------------------------ChangeLog:

* Tue Jun 26 2018 Jeremy Cline  - 4.17.3-200
- Linux v4.17.3
* Mon Jun 25 2018 Laura Abbott 
- Some webcam fixes (rhbz 1592454 1590304)
- Fix for armv7 siginfo ABI regression (rhbz 1591516)
* Fri Jun 22 2018 Justin M. Forbes 
- Fix CVE-2018-12633 (rhbz 1594170 1594172)
* Thu Jun 21 2018 Laura Abbott 
- Fix for Xen MTU issue (rhbz 1584216)
* Thu Jun 21 2018 Peter Robinson 
- Add fix for 96boards DB410c
* Tue Jun 19 2018 Jeremy Cline 
- Re-apply the XPS 13 9370 backlight, ath10k bandwidth, and kexec patches
- Don't log an error if RTC_NVMEM isn't enabled (rhbz 1568276)
* Mon Jun 18 2018 Justin M. Forbes  - 4.17.2-200
- Linux v4.17.2 Rebase
* Sun Jun 17 2018 Jeremy Cline  - 4.16.16-300
- Linux v4.16.16
* Tue Jun 12 2018 Jeremy Cline 
- Fix a crash in ath10k when bandwidth changes (rhbz 1577106)
- Fix kexec_file_load pefile signature verification (rhbz 1470995)
* Tue Jun 12 2018 Justin M. Forbes 
- Fix CVE-2018-12232 (rhbz 1590215 1590216)
* Mon Jun 11 2018 Jeremy Cline  - 4.16.15-300
- Fix for the keyboard backlight on Dell XPS 13 9370
- Linux v4.16.15
* Mon Jun 11 2018 Justin M. Forbes 
- Fix CVE-2018-10853 (rhbz 1589890 1589892)
* Tue Jun  5 2018 Jeremy Cline 
- Enable CONFIG_SCSI_DH on s390x (rhbz 1586189)
* Tue Jun  5 2018 Jeremy Cline  - 4.16.14-300
- Linux v4.16.14
* Mon Jun  4 2018 Jeremy Cline 
- Drop SanDisk SD7UB3Q*G1001 NOLPM quirk (rhbz 1583207)
* Wed May 30 2018 Jeremy Cline  - 4.16.13-300
- Linux v4.16.13
- Fixes CVE-2018-11506 (rhbz 1583210 1583213)
* Fri May 25 2018 Jeremy Cline  - 4.16.12-300
- Linux v4.16.12
- Fix CVE-2018-10840 (rhbz 1582346 1582348)
- Fix for incorrect error message about parsing PCCT (rhbz 1435837)
* Tue May 22 2018 Jeremy Cline  - 4.16.11-300
- Linux v4.16.11
* Mon May 21 2018 Justin M. Forbes  - 4.16.10-301
- Fix CVE-2018-3639 (rhbz 1566890 1580713)
* Mon May 21 2018 Jeremy Cline  - 4.16.10-300
- Linux v4.16.10
* Sun May 20 2018 Hans de Goede 
- Enable GPIO_AMDPT, PINCTRL_AMD and X86_AMD_PLATFORM_DEVICE Kconfig options
  to fix i2c and GPIOs not working on AMD based laptops (rhbz#1510649)
* Thu May 17 2018 Justin M. Forbes 
- Fix CVE-2018-1120 (rhbz 1575472 1579542)
* Thu May 17 2018 Jeremy Cline  - 4.16.9-300
- Linux v4.16.9
- Silence unwanted "swiotlb buffer is full" warnings (rhbz 1556797)
* Wed May  9 2018 Jeremy Cline 
- Workaround for m400 uart irq firmware description (rhbz 1574718)
* Wed May  9 2018 Jeremy Cline  - 4.16.8-300
- Linux v4.16.8
* Mon May  7 2018 Jeremy Cline 
- Fix issue with KVM on older Core 2 processors (rhbz 1566258)
* Sat May  5 2018 Peter Robinson 
- ARM and Raspberry Pi fixes
- Fix USB-2 on Tegra devices
* Fri May  4 2018 Laura Abbott 
- Fix for building out of tree modules on powerpc (rhbz 1574604)
* Fri May  4 2018 Justin M. Forbes 
- Fix CVE-2018-10322 (rhbz 1571623 1571624)
- Fix CVE-2018-10323 (rhbz 1571627 1571630)
* Wed May  2 2018 Jeremy Cline  - 4.16.7-300
- Linux v4.16.7
* Tue May  1 2018 Jeremy Cline  - 4.16.6-302
- Revert the entire random series from 4.16.4 (rhbz 1572944)
* Tue May  1 2018 Jeremy Cline  - 4.16.6-301
- Revert the fix for CVE-2018-1108 (rhbz 1572944)
* Mon Apr 30 2018 Jeremy Cline  - 4.16.6-300
- Linux v4.16.6
* Fri Apr 27 2018 Jeremy Cline  - 4.16.5-300
- Fix an issue with bluetooth autosupsend on some XPS 13 9360 (rhbz 1514836)
- Fix prlimit64 with RLIMIT_CPU ignored (rhbz 1568337)
- Linux v4.16.5
* Fri Apr 27 2018 Peter Robinson 
- Enable QLogic NICs on ARM
* Wed Apr 25 2018 Jeremy Cline 
- Fix a kernel oops when using Thunderbolt 3 docks (rhbz 1565131)
* Tue Apr 24 2018 Jeremy Cline  - 4.16.4-300
- Linux v4.16.4
- Fix a regression in backlight interfaces for some laptops (rhbz 1571036)
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1568276 - rt_cmos  registration error.
        https://bugzilla.redhat.com/show_bug.cgi?id=1568276
  [ 2 ] Bug #1584216 - Fedora 28 on AWS does not get proper MTU set from DHCP
        https://bugzilla.redhat.com/show_bug.cgi?id=1584216
  [ 3 ] Bug #1594172 - CVE-2018-12633 kernel: Double-fetch vulnerability in drivers/virt/vboxguest/vboxguest_linux.c:vbg_misc_device_ioctl() allows information leak and local denial of service [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1594172
  [ 4 ] Bug #1591516 - armv7: siginfo ABI regression breaks strace testsuite
        https://bugzilla.redhat.com/show_bug.cgi?id=1591516
  [ 5 ] Bug #1590304 - ThinkPad X1C5 fails to boot: uvcvideo: Failed to query (GET_MIN) UVC control 11 on unit 2
        https://bugzilla.redhat.com/show_bug.cgi?id=1590304
  [ 6 ] Bug #1592454 - uvcvideo found UVC 1.50 device Integrated Webcam but failed to initialize the device.
        https://bugzilla.redhat.com/show_bug.cgi?id=1592454
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-d92fde52d7' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGK5XWFJBXPFE4K3ZVUM4BXLGPPTEYTH/

Fedora 28: kernel Security Update 2018-d92fde52d7

July 1, 2018
The v4.17.3 update contains important fixes across the tree.

Summary

The kernel meta package

The v4.17.3 update contains important fixes across the tree.

* Tue Jun 26 2018 Jeremy Cline - 4.17.3-200

- Linux v4.17.3

* Mon Jun 25 2018 Laura Abbott

- Some webcam fixes (rhbz 1592454 1590304)

- Fix for armv7 siginfo ABI regression (rhbz 1591516)

* Fri Jun 22 2018 Justin M. Forbes

- Fix CVE-2018-12633 (rhbz 1594170 1594172)

* Thu Jun 21 2018 Laura Abbott

- Fix for Xen MTU issue (rhbz 1584216)

* Thu Jun 21 2018 Peter Robinson

- Add fix for 96boards DB410c

* Tue Jun 19 2018 Jeremy Cline

- Re-apply the XPS 13 9370 backlight, ath10k bandwidth, and kexec patches

- Don't log an error if RTC_NVMEM isn't enabled (rhbz 1568276)

* Mon Jun 18 2018 Justin M. Forbes - 4.17.2-200

- Linux v4.17.2 Rebase

* Sun Jun 17 2018 Jeremy Cline - 4.16.16-300

- Linux v4.16.16

* Tue Jun 12 2018 Jeremy Cline

- Fix a crash in ath10k when bandwidth changes (rhbz 1577106)

- Fix kexec_file_load pefile signature verification (rhbz 1470995)

* Tue Jun 12 2018 Justin M. Forbes

- Fix CVE-2018-12232 (rhbz 1590215 1590216)

* Mon Jun 11 2018 Jeremy Cline - 4.16.15-300

- Fix for the keyboard backlight on Dell XPS 13 9370

- Linux v4.16.15

* Mon Jun 11 2018 Justin M. Forbes

- Fix CVE-2018-10853 (rhbz 1589890 1589892)

* Tue Jun 5 2018 Jeremy Cline

- Enable CONFIG_SCSI_DH on s390x (rhbz 1586189)

* Tue Jun 5 2018 Jeremy Cline - 4.16.14-300

- Linux v4.16.14

* Mon Jun 4 2018 Jeremy Cline

- Drop SanDisk SD7UB3Q*G1001 NOLPM quirk (rhbz 1583207)

* Wed May 30 2018 Jeremy Cline - 4.16.13-300

- Linux v4.16.13

- Fixes CVE-2018-11506 (rhbz 1583210 1583213)

* Fri May 25 2018 Jeremy Cline - 4.16.12-300

- Linux v4.16.12

- Fix CVE-2018-10840 (rhbz 1582346 1582348)

- Fix for incorrect error message about parsing PCCT (rhbz 1435837)

* Tue May 22 2018 Jeremy Cline - 4.16.11-300

- Linux v4.16.11

* Mon May 21 2018 Justin M. Forbes - 4.16.10-301

- Fix CVE-2018-3639 (rhbz 1566890 1580713)

* Mon May 21 2018 Jeremy Cline - 4.16.10-300

- Linux v4.16.10

* Sun May 20 2018 Hans de Goede

- Enable GPIO_AMDPT, PINCTRL_AMD and X86_AMD_PLATFORM_DEVICE Kconfig options

to fix i2c and GPIOs not working on AMD based laptops (rhbz#1510649)

* Thu May 17 2018 Justin M. Forbes

- Fix CVE-2018-1120 (rhbz 1575472 1579542)

* Thu May 17 2018 Jeremy Cline - 4.16.9-300

- Linux v4.16.9

- Silence unwanted "swiotlb buffer is full" warnings (rhbz 1556797)

* Wed May 9 2018 Jeremy Cline

- Workaround for m400 uart irq firmware description (rhbz 1574718)

* Wed May 9 2018 Jeremy Cline - 4.16.8-300

- Linux v4.16.8

* Mon May 7 2018 Jeremy Cline

- Fix issue with KVM on older Core 2 processors (rhbz 1566258)

* Sat May 5 2018 Peter Robinson

- ARM and Raspberry Pi fixes

- Fix USB-2 on Tegra devices

* Fri May 4 2018 Laura Abbott

- Fix for building out of tree modules on powerpc (rhbz 1574604)

* Fri May 4 2018 Justin M. Forbes

- Fix CVE-2018-10322 (rhbz 1571623 1571624)

- Fix CVE-2018-10323 (rhbz 1571627 1571630)

* Wed May 2 2018 Jeremy Cline - 4.16.7-300

- Linux v4.16.7

* Tue May 1 2018 Jeremy Cline - 4.16.6-302

- Revert the entire random series from 4.16.4 (rhbz 1572944)

* Tue May 1 2018 Jeremy Cline - 4.16.6-301

- Revert the fix for CVE-2018-1108 (rhbz 1572944)

* Mon Apr 30 2018 Jeremy Cline - 4.16.6-300

- Linux v4.16.6

* Fri Apr 27 2018 Jeremy Cline - 4.16.5-300

- Fix an issue with bluetooth autosupsend on some XPS 13 9360 (rhbz 1514836)

- Fix prlimit64 with RLIMIT_CPU ignored (rhbz 1568337)

- Linux v4.16.5

* Fri Apr 27 2018 Peter Robinson

- Enable QLogic NICs on ARM

* Wed Apr 25 2018 Jeremy Cline

- Fix a kernel oops when using Thunderbolt 3 docks (rhbz 1565131)

* Tue Apr 24 2018 Jeremy Cline - 4.16.4-300

- Linux v4.16.4

- Fix a regression in backlight interfaces for some laptops (rhbz 1571036)

[ 1 ] Bug #1568276 - rt_cmos registration error.

https://bugzilla.redhat.com/show_bug.cgi?id=1568276

[ 2 ] Bug #1584216 - Fedora 28 on AWS does not get proper MTU set from DHCP

https://bugzilla.redhat.com/show_bug.cgi?id=1584216

[ 3 ] Bug #1594172 - CVE-2018-12633 kernel: Double-fetch vulnerability in drivers/virt/vboxguest/vboxguest_linux.c:vbg_misc_device_ioctl() allows information leak and local denial of service [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1594172

[ 4 ] Bug #1591516 - armv7: siginfo ABI regression breaks strace testsuite

https://bugzilla.redhat.com/show_bug.cgi?id=1591516

[ 5 ] Bug #1590304 - ThinkPad X1C5 fails to boot: uvcvideo: Failed to query (GET_MIN) UVC control 11 on unit 2

https://bugzilla.redhat.com/show_bug.cgi?id=1590304

[ 6 ] Bug #1592454 - uvcvideo found UVC 1.50 device Integrated Webcam but failed to initialize the device.

https://bugzilla.redhat.com/show_bug.cgi?id=1592454

su -c 'dnf upgrade --advisory FEDORA-2018-d92fde52d7' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGK5XWFJBXPFE4K3ZVUM4BXLGPPTEYTH/

FEDORA-2018-d92fde52d7 2018-07-01 02:36:41.993910 Product : Fedora 28 Version : 4.17.3 Release : 200.fc28 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package The v4.17.3 update contains important fixes across the tree. * Tue Jun 26 2018 Jeremy Cline - 4.17.3-200 - Linux v4.17.3 * Mon Jun 25 2018 Laura Abbott - Some webcam fixes (rhbz 1592454 1590304) - Fix for armv7 siginfo ABI regression (rhbz 1591516) * Fri Jun 22 2018 Justin M. Forbes - Fix CVE-2018-12633 (rhbz 1594170 1594172) * Thu Jun 21 2018 Laura Abbott - Fix for Xen MTU issue (rhbz 1584216) * Thu Jun 21 2018 Peter Robinson - Add fix for 96boards DB410c * Tue Jun 19 2018 Jeremy Cline - Re-apply the XPS 13 9370 backlight, ath10k bandwidth, and kexec patches - Don't log an error if RTC_NVMEM isn't enabled (rhbz 1568276) * Mon Jun 18 2018 Justin M. Forbes - 4.17.2-200 - Linux v4.17.2 Rebase * Sun Jun 17 2018 Jeremy Cline - 4.16.16-300 - Linux v4.16.16 * Tue Jun 12 2018 Jeremy Cline - Fix a crash in ath10k when bandwidth changes (rhbz 1577106) - Fix kexec_file_load pefile signature verification (rhbz 1470995) * Tue Jun 12 2018 Justin M. Forbes - Fix CVE-2018-12232 (rhbz 1590215 1590216) * Mon Jun 11 2018 Jeremy Cline - 4.16.15-300 - Fix for the keyboard backlight on Dell XPS 13 9370 - Linux v4.16.15 * Mon Jun 11 2018 Justin M. Forbes - Fix CVE-2018-10853 (rhbz 1589890 1589892) * Tue Jun 5 2018 Jeremy Cline - Enable CONFIG_SCSI_DH on s390x (rhbz 1586189) * Tue Jun 5 2018 Jeremy Cline - 4.16.14-300 - Linux v4.16.14 * Mon Jun 4 2018 Jeremy Cline - Drop SanDisk SD7UB3Q*G1001 NOLPM quirk (rhbz 1583207) * Wed May 30 2018 Jeremy Cline - 4.16.13-300 - Linux v4.16.13 - Fixes CVE-2018-11506 (rhbz 1583210 1583213) * Fri May 25 2018 Jeremy Cline - 4.16.12-300 - Linux v4.16.12 - Fix CVE-2018-10840 (rhbz 1582346 1582348) - Fix for incorrect error message about parsing PCCT (rhbz 1435837) * Tue May 22 2018 Jeremy Cline - 4.16.11-300 - Linux v4.16.11 * Mon May 21 2018 Justin M. Forbes - 4.16.10-301 - Fix CVE-2018-3639 (rhbz 1566890 1580713) * Mon May 21 2018 Jeremy Cline - 4.16.10-300 - Linux v4.16.10 * Sun May 20 2018 Hans de Goede - Enable GPIO_AMDPT, PINCTRL_AMD and X86_AMD_PLATFORM_DEVICE Kconfig options to fix i2c and GPIOs not working on AMD based laptops (rhbz#1510649) * Thu May 17 2018 Justin M. Forbes - Fix CVE-2018-1120 (rhbz 1575472 1579542) * Thu May 17 2018 Jeremy Cline - 4.16.9-300 - Linux v4.16.9 - Silence unwanted "swiotlb buffer is full" warnings (rhbz 1556797) * Wed May 9 2018 Jeremy Cline - Workaround for m400 uart irq firmware description (rhbz 1574718) * Wed May 9 2018 Jeremy Cline - 4.16.8-300 - Linux v4.16.8 * Mon May 7 2018 Jeremy Cline - Fix issue with KVM on older Core 2 processors (rhbz 1566258) * Sat May 5 2018 Peter Robinson - ARM and Raspberry Pi fixes - Fix USB-2 on Tegra devices * Fri May 4 2018 Laura Abbott - Fix for building out of tree modules on powerpc (rhbz 1574604) * Fri May 4 2018 Justin M. Forbes - Fix CVE-2018-10322 (rhbz 1571623 1571624) - Fix CVE-2018-10323 (rhbz 1571627 1571630) * Wed May 2 2018 Jeremy Cline - 4.16.7-300 - Linux v4.16.7 * Tue May 1 2018 Jeremy Cline - 4.16.6-302 - Revert the entire random series from 4.16.4 (rhbz 1572944) * Tue May 1 2018 Jeremy Cline - 4.16.6-301 - Revert the fix for CVE-2018-1108 (rhbz 1572944) * Mon Apr 30 2018 Jeremy Cline - 4.16.6-300 - Linux v4.16.6 * Fri Apr 27 2018 Jeremy Cline - 4.16.5-300 - Fix an issue with bluetooth autosupsend on some XPS 13 9360 (rhbz 1514836) - Fix prlimit64 with RLIMIT_CPU ignored (rhbz 1568337) - Linux v4.16.5 * Fri Apr 27 2018 Peter Robinson - Enable QLogic NICs on ARM * Wed Apr 25 2018 Jeremy Cline - Fix a kernel oops when using Thunderbolt 3 docks (rhbz 1565131) * Tue Apr 24 2018 Jeremy Cline - 4.16.4-300 - Linux v4.16.4 - Fix a regression in backlight interfaces for some laptops (rhbz 1571036) [ 1 ] Bug #1568276 - rt_cmos registration error. https://bugzilla.redhat.com/show_bug.cgi?id=1568276 [ 2 ] Bug #1584216 - Fedora 28 on AWS does not get proper MTU set from DHCP https://bugzilla.redhat.com/show_bug.cgi?id=1584216 [ 3 ] Bug #1594172 - CVE-2018-12633 kernel: Double-fetch vulnerability in drivers/virt/vboxguest/vboxguest_linux.c:vbg_misc_device_ioctl() allows information leak and local denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1594172 [ 4 ] Bug #1591516 - armv7: siginfo ABI regression breaks strace testsuite https://bugzilla.redhat.com/show_bug.cgi?id=1591516 [ 5 ] Bug #1590304 - ThinkPad X1C5 fails to boot: uvcvideo: Failed to query (GET_MIN) UVC control 11 on unit 2 https://bugzilla.redhat.com/show_bug.cgi?id=1590304 [ 6 ] Bug #1592454 - uvcvideo found UVC 1.50 device Integrated Webcam but failed to initialize the device. https://bugzilla.redhat.com/show_bug.cgi?id=1592454 su -c 'dnf upgrade --advisory FEDORA-2018-d92fde52d7' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGK5XWFJBXPFE4K3ZVUM4BXLGPPTEYTH/

Change Log

References

Update Instructions

Severity
Product : Fedora 28
Version : 4.17.3
Release : 200.fc28
URL : https://www.kernel.org/
Summary : The Linux kernel

Related News

11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved