FSA/F7/FEDORA-2007-0409

[SECURITY] Fedora 7 Update: kernel-2.6.21-1.3228.fc7
Fedora Update Notification FEDORA-2007-0409 2007-06-13 14:06:03.616764

Name       : kernel Product    : Fedora 7 Version    : 2.6.21 Release    : 1.3228.fc7 Summary    : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

Update Information:

Rebase to upstream 2.6.21.5, including several security fixes (See CVEs for details).

Upstream changelog: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.3 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.5

Fedora specific changes detailed below:

ChangeLog:

- 2.6.21.5 - Require at least version 6.0.9-7.1 of mkinitrd. - Reenable -rc2, revert unneeded MAP_FIXED change. - Disable rc2 whilst chasing down another regression. - 2.6.21.5-rc2 - remove "E1000: Fix netif_poll_enable.." (obsoleted by 2.6.21.5-rc1) - 2.6.21.5-rc1 - pata_ali: limit DMA speeds (bz #242472) - Update linux-2.6-wireless.patch and git-wireless-dev.patch - Update git-iwlwifi.patch (version 0.0.24) - Enable iwl4965 driver - Fix bug with MAP_FIXED (#242612). - Fix the oprofile fix. - Re-add a bunch of multimedia drivers. (#242503) - libata: always use polling SETXFER (#242387) - Allow kdump to read /proc/kcore. (#241362) - Switch 'Prevent going idle with softirq pending' patch to upstream variant. - E1000: Fix netif_poll_enable crash in e1000_open. - Reenable non-x86 architectures.. - Revert suspect #2. - Apply 2.6.21.2 & .3 again. Revert suspect #1. - Downgrade to 2.6.21 (test build to root cause the Dell hang). - Disable KABI nonsense in kernel-debug. - Add x86-64 PM_TRACE support. - 2.6.21.3 incremental patch from mailing list - Two UDF bugfixes. - Remove Dell Optiplex GX240 from the ACPI blacklist. - softirqs: print out irq-trace events. (#240982) - Use upstream variant of x86-64 oprofile fix. - [ALSA] hda-intel - Probe additional slots only - [ALSA] hda-intel - Fix detection of audio codec - Add Dell e520 to shutdown DMI blacklist.
 * Tue Jun 12 2007 Dave Jones 
 * Tue Jun 12 2007 Dave Jones 
 * Sat Jun 9 2007 Dave Jones 
 * Sat Jun 9 2007 Dave Jones 
 * Fri Jun 8 2007 Dave Jones 
 * Fri Jun 8 2007 John W. Linville 
 * Fri Jun 8 2007 Dave Jones 
 * Thu Jun 7 2007 Chuck Ebbert 
 * Thu Jun 7 2007 John W. Linville 
 * Wed Jun 6 2007 Dave Jones 
 * Tue Jun 5 2007 Chuck Ebbert 
 * Tue Jun 5 2007 Dave Jones 
 * Tue Jun 5 2007 Dave Jones 
 * Tue Jun 5 2007 Dave Jones 
 * Mon Jun 4 2007 Dave Jones 
 * Fri Jun 1 2007 Dave Jones 
 * Tue May 29 2007 Dave Jones <davej@redhat.com>
 * Mon May 28 2007 Dave Jones <davej@redhat.com>
 * Mon May 28 2007 Dave Jones <davej@redhat.com>
 * Sun May 27 2007 Dave Jones <davej@redhat.com>
 * Fri May 25 2007 Dave Jones <davej@redhat.com>
 * Fri May 25 2007 Dave Jones <davej@redhat.com>
 * Thu May 24 2007 Chuck Ebbert <cebbert@redhat.com>
 * Thu May 24 2007 Chuck Ebbert <cebbert@redhat.com>
 * Thu May 24 2007 Dave Jones <davej@redhat.com>
 * Thu May 24 2007 Dave Jones <davej@redhat.com>
 * Thu May 24 2007 Dave Jones <davej@redhat.com>
 * Thu May 24 2007 Dave Jones <davej@redhat.com>
 * Thu May 24 2007 Dave Jones <davej@redhat.com>

References:

[ 1 ] CVE-2007-2453 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2453 [ 2 ] CVE-2007-2451 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2451 [ 3 ] CVE-2007-2876 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2876

Updated packages:

a55769f1883e2ff52e3d8552b936674d0dbdfe26 kernel-doc-2.6.21-1.3228.fc7.noarch.rpm 82914c97d13e190bd65ea2274d80cc36b779c398 kernel-headers-2.6.21-1.3228.fc7.i386.rpm 1ed1b30e05ad86fe8973a357901776715b20d8c8 kernel-PAE-debug-debuginfo-2.6.21-1.3228.fc7.i686.rpm 6ec5cb5508e8dfbca5be6925a4b27aba0eef27a3 kernel-PAE-debug-devel-2.6.21-1.3228.fc7.i686.rpm 48743a6149addd82a5bfc68b763697374409a390 kernel-PAE-2.6.21-1.3228.fc7.i686.rpm 2b2f04e52869da70164a5767d372a20e44072649 kernel-debug-2.6.21-1.3228.fc7.i686.rpm 9d3c9b5e2b4496e5212248c01661bc2a0eddd83f kernel-PAE-debuginfo-2.6.21-1.3228.fc7.i686.rpm d57d990d7f57ad50dba2ba75f777f996f5053a6a kernel-debug-debuginfo-2.6.21-1.3228.fc7.i686.rpm 1f28ec3084ce8016c6579e0e4dcf4088ac0f37bd kernel-PAE-debug-2.6.21-1.3228.fc7.i686.rpm 06c558dfd7296a300ed95cb67b3be0e205144105 kernel-2.6.21-1.3228.fc7.i686.rpm 1627b8c01fe4cd47221866b633d8c26f217f0267 kernel-PAE-devel-2.6.21-1.3228.fc7.i686.rpm d1713c346bbd4173c18915a7add0e3ae27dcfeee kernel-devel-2.6.21-1.3228.fc7.i686.rpm 1f12066752ff4d6fd16449f8f43de87bb6a346dd kernel-debug-devel-2.6.21-1.3228.fc7.i686.rpm 2c23357a6e5008cbba6aefbb46c1b4b930bf3b6d kernel-debuginfo-common-2.6.21-1.3228.fc7.i686.rpm bc498f2f966fd298564b44877f7b1be83a8e6b16 kernel-debuginfo-2.6.21-1.3228.fc7.i686.rpm 793da198e9ab914784d4ab3d96d06b15c73395b1 kernel-kdump-devel-2.6.21-1.3228.fc7.ppc64.rpm 20bbd3b3acb8d9bf14f91fe6c17b70a0c71e76f1 kernel-devel-2.6.21-1.3228.fc7.ppc64.rpm f145e4854698b3eb6c022651e1b26af95cdd5955 kernel-debuginfo-2.6.21-1.3228.fc7.ppc64.rpm 74474669bc968c045f1a6b45be5d93947cac0af3 kernel-2.6.21-1.3228.fc7.ppc64.rpm 9623f0b751355d3560ddb8fe38581b39be168099 kernel-kdump-2.6.21-1.3228.fc7.ppc64.rpm 3d7dc03b25790d508edd1cb6ba97a86539de8e0c kernel-headers-2.6.21-1.3228.fc7.ppc64.rpm 829d33917c4f54da2e7cf9dd6928cccb2e024113 kernel-debuginfo-common-2.6.21-1.3228.fc7.ppc64.rpm adb8488feb134bb28863e01df0f61eec2b16d4d9 kernel-kdump-debuginfo-2.6.21-1.3228.fc7.ppc64.rpm 2e9d8caabbde1944ec0c24b1b907a23c06b71d8d kernel-debuginfo-common-2.6.21-1.3228.fc7.i586.rpm fd1776d36fce7349ee7adac5c3c24ef97fe26259 kernel-2.6.21-1.3228.fc7.i586.rpm 9ba7e6e36800727dfd705656705fb23d7153f73f kernel-debuginfo-2.6.21-1.3228.fc7.i586.rpm 74c201401ca61a5aff99ed836ecedc4b8ba5663f kernel-devel-2.6.21-1.3228.fc7.i586.rpm 9ce6b4274eb8b81158404bfc424f2fa04d98fdef kernel-debuginfo-2.6.21-1.3228.fc7.x86_64.rpm 38cbfdd7f150dc554fb40a0ff19506f1d3e8e9a7 kernel-debuginfo-common-2.6.21-1.3228.fc7.x86_64.rpm b3fe5e70268d06d549a335b8f7ec5cdfb131e8c8 kernel-headers-2.6.21-1.3228.fc7.x86_64.rpm fd1f2470a5120e66d4fcc527906544d3b33bc1c2 kernel-kdump-2.6.21-1.3228.fc7.x86_64.rpm e855ed876c059567921b5d5af6dbe949f0c11b77 kernel-debug-devel-2.6.21-1.3228.fc7.x86_64.rpm f5093d791dfc938e5ca7267fa126603b9136f081 kernel-kdump-devel-2.6.21-1.3228.fc7.x86_64.rpm 2f87d84cedf0f7d16973e55f828c2fcd74f39a69 kernel-kdump-debuginfo-2.6.21-1.3228.fc7.x86_64.rpm fc2408db2152c5cb7f59946b09d3adf70cd9bdf6 kernel-2.6.21-1.3228.fc7.x86_64.rpm 8a7725d0a24aa0ed0712a6fb529f7b311b86ec2e kernel-debug-debuginfo-2.6.21-1.3228.fc7.x86_64.rpm 600be76626d89143077390ceb0b51726a50f682b kernel-devel-2.6.21-1.3228.fc7.x86_64.rpm 695af229e393c3ee42fc86cbabf2676075a8bf6e kernel-debug-2.6.21-1.3228.fc7.x86_64.rpm 53b41a93ca964ae98dd0b292255befa321fd36bb kernel-smp-2.6.21-1.3228.fc7.ppc.rpm f0ce7622447cef602132a62b65f395334d25bd10 kernel-headers-2.6.21-1.3228.fc7.ppc.rpm 85e8380929a0808c9be936174f6264c4c25b9531 kernel-smp-devel-2.6.21-1.3228.fc7.ppc.rpm 56a93625ed3b5e8a5bec5664f581fabe5b8eb9d0 kernel-devel-2.6.21-1.3228.fc7.ppc.rpm 19698c5bd563d69993a2f015fc46df0f011ba653 kernel-2.6.21-1.3228.fc7.ppc.rpm a325622e985d3880fa20afbb52f4ad3e0e5de7aa kernel-debuginfo-common-2.6.21-1.3228.fc7.ppc.rpm debd0d4cb5e3ef00834d95ab5683009a5988bdb7 kernel-debuginfo-2.6.21-1.3228.fc7.ppc.rpm cc4b37bf4e6a67853c7be06a74097095ff04dd62 kernel-smp-debuginfo-2.6.21-1.3228.fc7.ppc.rpm 852655012e7d2f90997f2fb91ab9614d5656b3b8 kernel-2.6.21-1.3228.fc7.src.rpm

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/.