From Mageia wiki
Jump to: navigation, search

MGASA-2012-0237

Date: August 23rd, 2012
Affected releases: 2


Description:
This updates the kernel to latest 3.3 series.

It also fixes the following CVEs:
- rds: set correct msg_namelen (CVE-2012-3430)
- hv: verify origin of netlink connector message (CVE-2012-2669)
- Use 'ret' instead of abusing 'i' in udf_load_logicalvol();
  Avoid run away loop when partition table length is corrupted;
  Fortify loading of sparing table (CVE-2012-3400)
- epoll: clear the tfile_check_list on -ELOO (CVE-2012-3375)
- mm/pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP
  race condition (CVE-2012-2372)
- mm/hugetlb: fix resv_map leak in error path (CVE-2012-2390)

Other fixes in this update:
block:
- dm/raid1: fix crash with mirror recovery and discard
- md: avoid crash when stopping md array races with closing other open fds
- md/raid1: close some possible races on write errors during resync
;   fix use-after-free bug in RAID1 data-check code
- md/raid10: Don't try to recovery unmatched (and unused) chunks;
  fix failure when trying to repair a read error
- md/raid5: In ops_run_io, inc nr_pending before calling
  md_wait_for_blocked_rde; Do not add data_offset before call to
  is_badbloc; delayed stripe bits fix
- crypto/aesni-intel: fix unaligned cbc decrypt for x86-32
drm:
- char/agp: add another Ironlake host bridge
- core: edid: don't return stack garbage from supports_rb;
- ttm: Fix buffer object metadata accounting regression v2;
- ttm: Fix spinlock imbalance
- gma500: don't register the ACPI video bus
- i915: Adding TV Out Missing modes; always use RPNSWREQ for turbo change
  requests; Mark the ringbuffers as being in the GTT domain; enable vdd
  when switching off the eDP panel; Fix eDP blank screen after S3 resume
  on HP desktops; Flush any outstanding work to turn the VDD off;
  properly handle interlaced bit for sdvo dtd conversion; Refactor the
  deferred PM_IIR handling into a single function; rip out the PM_IIR
  WARN; wait for a vblank to pass after tv detect
- nouveau: disp: fix dithering not being enabled on some eDP macbooks;
  fbcon: using nv_two_heads is not a good idea
- radeon: add some additional 6xx/7xx/EG register init; audio: don't
  hardcode CRTC id; fix bank information in tiling config; fix HD6790,
  HD6570 backend programming; fix regression in UMS CS ioctl; fix tiling
  and command stream checking on evergreen v3 (mga #6715); fix typo in
  trinity tiling setup; fix vm deadlocks on cayman; fix VM page table
  setup on SI; fix XFX quirk; properly program gart on rv740, juniper,
  cypress, barts, hemlock
- sis: initialize object_idr
- vmwgfx: Fix nasty write past alloced memory area
filesystems:
- btrfs: run delayed directory updates during log replay (fixes crash)
- ext4: fix duplicated mnt_drop_write call in EXT4_IOC_MOVE_EXT;
  fix the free blocks calculation for ext3 file systems w/ uninit_bg
- eCryptfs: Gracefully refuse miscdev file ops on inherited/passed files;
  Fix lockdep warning in miscdev operations; Properly check for O_RDONLY
  flag before doing privileged open
-fs/locks.c: Remove easily user-triggerable BUG from generic_setlease
HID/input:
- HID: add support for 2012 MacBook Pro Retina
- Input: bcm5974 - Add support for 2012 MacBook Pro Retina
- Support embedded LED on Synaptics devices (#5694)
media:
- gspca-core: Fix buffers staying in queued state after a stream_off
net:
- bcma: add ext PA workaround for BCM4331 and BCM43431
- e1000e: Disable ASPM L1 on 82574; Remove special case for 82573/82574
  ASPM L1 disablement
- tg3: Apply short DMA frag workaround to 5906 (mga #6293)
platform:
- intel_ips: blacklist HP ProBook laptops
scsi & usb-storage:
- add try_rc_10_first flag
- Silence unnecessary warnings about ioctl to partition
usb/host/xHCI:
- increase the timeout for controller save/restore state operation
wireless:
- cfg80211: fix potential deadlock in regulatory
- iwlegacy: always monitor for stuck queues; don't mess up the SCD when
  removing a key
- iwlwifi: disable the buggy chain extension feature in HW; do not use
  shadow registers by default; don't mess up the SCD when removing a key;
  unregister LEDs if mac80211 registration fails; update BT traffic load
  states correctly; use correct supported firmware for 6035 and 6000g2
- r8712u: Add new USB IDs
- rt2800usb: add more devices ids
- rtl8192cu: add New USB IDs
- wl1251: fix oops on early interrupt
defconfigs:
- enable EFI_STUB support (#6598)


Updated Packages:
kernel-desktop586-3.3.8-2.mga2-1-1.mga2
kernel-desktop586-devel-3.3.8-2.mga2-1-1.mga2
kernel-desktop586-3.3.8-2.mga2-debug-1-1.mga2
kernel-desktop586-latest-3.3.8-2.mga2
kernel-desktop586-devel-latest-3.3.8-2.mga2
kernel-desktop-3.3.8-2.mga2-1-1.mga2
kernel-desktop-devel-3.3.8-2.mga2-1-1.mga2
kernel-desktop-3.3.8-2.mga2-debug-1-1.mga2
kernel-desktop-latest-3.3.8-2.mga2
kernel-desktop-devel-latest-3.3.8-2.mga2
kernel-netbook-3.3.8-2.mga2-1-1.mga2
kernel-netbook-devel-3.3.8-2.mga2-1-1.mga2
kernel-netbook-3.3.8-2.mga2-debug-1-1.mga2
kernel-netbook-latest-3.3.8-2.mga2
kernel-netbook-devel-latest-3.3.8-2.mga2
kernel-server-3.3.8-2.mga2-1-1.mga2
kernel-server-devel-3.3.8-2.mga2-1-1.mga2
kernel-server-3.3.8-2.mga2-debug-1-1.mga2
kernel-server-latest-3.3.8-2.mga2
kernel-server-devel-latest-3.3.8-2.mga2
kernel-source-3.3.8-2.mga2-1-1.mga2
kernel-source-latest-3.3.8-2.mga2
kernel-doc-3.3.8-2.mga2
kernel-userspace-headers-3.3.8-2.mga2
perf-3.3.8-2.mga2
cpupower-3.3.8-2.mga2
cpupower-devel-3.3.8-2.mga2
xtables-addons-kernel-3.3.8-desktop-2.mga2-1.41-10.mga2
xtables-addons-kernel-3.3.8-desktop586-2.mga2-1.41-10.mga2
xtables-addons-kernel-3.3.8-netbook-2.mga2-1.41-10.mga2
xtables-addons-kernel-3.3.8-server-2.mga2-1.41-10.mga2
broadcom-wl-kernel-3.3.8-desktop-2.mga2-5.100.82.112-29.mga2.nonfree
broadcom-wl-kernel-3.3.8-desktop586-2.mga2-5.100.82.112-29.mga2.nonfree
broadcom-wl-kernel-3.3.8-netbook-2.mga2-5.100.82.112-29.mga2.nonfree
broadcom-wl-kernel-3.3.8-server-2.mga2-5.100.82.112-29.mga2.nonfree
fglrx-kernel-3.3.8-desktop-2.mga2-8.961-6.mga2.nonfree
fglrx-kernel-3.3.8-desktop586-2.mga2-8.961-6.mga2.nonfree
fglrx-kernel-3.3.8-netbook-2.mga2-8.961-6.mga2.nonfree
fglrx-kernel-3.3.8-server-2.mga2-8.961-6.mga2.nonfree


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2390
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3400
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3430
https://bugs.mageia.org/show_bug.cgi?id=5694
https://bugs.mageia.org/show_bug.cgi?id=6293
https://bugs.mageia.org/show_bug.cgi?id=6598
https://bugs.mageia.org/show_bug.cgi?id=6715
https://bugs.mageia.org/show_bug.cgi?id=6914

Retrieved from "https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2012-0237&oldid=10519"