On Mon, Nov 26, 2007 at 11:55:11AM +0200, Michael Shigorin wrote: > On Mon, Nov 26, 2007 at 04:21:34AM +0300, QA Team Robot wrote: > > kernel-image-std-pae - The Linux kernel (the core of the Linux operating system) > > * Sat Nov 24 2007 Sergey Vlasov 2.6.18-alt9 > > - Security-related changes: > > + CVE-2006-6058: minix: limit printks on corrupted dir i_size > > + CVE-2007-2875: cpuset: fix information leak through /dev/cpuset/tasks > > + CVE-2007-2878: vfat: fix compat ioctls memory corruption on 64-bit systems > > + CVE-2007-3105: random: fix bound check ordering > > + CVE-2007-3513: usblcd: limit memory consumption during write > > + CVE-2007-3731 [1/2]: ptrace: handle bogus %cs in single-step decoding > > + CVE-2007-3731 [2/2]: i386: fix TRACE_IRQS_ON without proper segment setup > > + CVE-2007-3740: cifs: respect umask when unix extensions are enabled > > + CVE-2007-3843: cifs: fail mount if signing is requested but not supported > > + CVE-2007-3848: reset current->pdeath_signal on SUID binary execution > > + CVE-2007-4133: don't allow the stack to grow into hugetlb reserved regions > > + CVE-2007-4133: hugetlbfs: fix prio_tree unit > > + CVE-2007-4308: aacraid: require CAP_SYS_ADMIN for configuration ioctls > > + CVE-2007-4997: ieee80211: avoid integer underflow for runt rx frames > > + CVE-2007-5500: wait_task_stopped: Check p->exit_state, not TASK_TRACED > > > > - Filesystem fixes: > > + locks: fix possible infinite loop in posix deadlock detection > > > > - Updated BuildRequires (kernel-build-tools changed to rpm-build-kernel). > > - Added BuildRequires(pre): rpm-build-kernel to get clean build in hasher. > > * Sun Sep 23 2007 Sergey Vlasov 2.6.18-alt8 > > - CVE-2007-4573 (x86_64 only): Zero extend all registers after ptrace in 32bit > > entry path. > > * Thu Aug 02 2007 Sergey Vlasov 2.6.18-alt7 > > Серёж, а с forcedeth-то что, или всё тот же старый-глючный? :( > [#12221] Это чистый secfix, обновление kernel-image-std-smp по forcedeth и др. будет в следующем релизе пакета. -- ldv