Overview Repositories Revisions Requests Users Attributes Meta
kernel: security and bugfix update

The openSUSE 12.3 kernel was updated to fix a critical security issue,
other security issues and several bugs.

Security issues fixed:
CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c
in the Linux kernel used an incorrect integer data type, which allowed
local users to gain privileges via a crafted perf_event_open system call.

CVE-2013-0290: The __skb_recv_datagram function in net/core/datagram.c
in the Linux kernel did not properly handle the MSG_PEEK flag with
zero-length data, which allowed local users to cause a denial of service
(infinite loop and system hang) via a crafted application.

Bugs fixed:
- qlge: fix dma map leak when the last chunk is not allocated
(bnc#819519).

- ACPI / thermal: do not always return THERMAL_TREND_RAISING
for active trip points (bnc#820048).

- perf: Treat attr.config as u64 in perf_swevent_init()
(bnc#819789, CVE-2013-2094).

- cxgb4: fix error recovery when t4_fw_hello returns a positive
value (bnc#818497).

- kabi/severities: Ignore drivers/mfd/ucb1400_core
It provides internal exports to UCB1400 drivers, that we have just
disabled.

- Fix -devel package for armv7hl
armv7hl kernel flavors in the non-multiplatform configuration
(which is the default for our openSUSE 12.3 release), needs
more header files from the machine specific directories to
be included in kernel-devel.

- Update config files: disable UCB1400 on all but ARM
Currently UCB1400 is only used on ARM OMAP systems, and part of the
code is dead code that can't even be modularized.
- CONFIG_UCB1400_CORE=n
- CONFIG_TOUCHSCREEN_UCB1400=n
- CONFIG_GPIO_UCB1400=n

- rpm/config.sh: Drop the ARM repository, the KOTD will build
against the "ports" repository of openSUSE:12.3

- mm/mmap: check for RLIMIT_AS before unmapping (bnc#818327).

- rpm/kernel-spec-macros: Properly handle KOTD release numbers with
.g suffix

- rpm/kernel-spec-macros: Drop the %release_num macro
We no longer put the -rcX tag into the release string.

- xen-pciback: notify hypervisor about devices intended to be
assigned to guests.

- unix/stream: fix peeking with an offset larger than data in
queue (bnc#803931 CVE-2013-0290).
- unix/dgram: fix peeking with an offset larger than data in queue
(bnc#803931 CVE-2013-0290).
- unix/dgram: peek beyond 0-sized skbs (bnc#803931 CVE-2013-0290).
- net: fix infinite loop in __skb_recv_datagram() (bnc#803931
CVE-2013-0290).

- TTY: fix atime/mtime regression (bnc#815745).

- md/raid1,raid10: fix deadlock with freeze_array() (813889).
- md: raid1,10: Handle REQ_WRITE_SAME flag in write bios
(bnc#813889).

- KMS: fix EDID detailed timing vsync parsing.
- KMS: fix EDID detailed timing frame rate.

- Add Netfilter/ebtables support
Those modues are needed for proper OpenStack support
on ARM, and are also enabled on x86(_64)

Fixed bugs
bnc#820048
Fan always running at full speed - kernel patch 2491791 for openSUSE 12.3?
bnc#813889
BUG: scheduling while atomic:
bnc#815745
terminal idle time displayed by "w" command is incorrect
bnc#818497
cxgb4 driver fails to recover after error injection (Chelsio)
bnc#819789
VUL-0: CVE-2013-2094: kernel: linux kernel perf out-of-bounds access
bnc#818327
Kernel 3.0.74-0.6.6: regression: LTP (openposix) mmap_24_2
bnc#803931
VUL-1: CVE-2013-0290: kernel: local DOS (endless loop with interrupts disabled)
bnc#819519
qlge fails to DLPAR (Qlogic)
CVE-CVE-2013-2094
CVE-CVE-2013-0290
Selected Binaries
openSUSE Build Service is sponsored by
Places