Hi,
If you haven't seen it, a new kernel vulnerability was announced:
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Updates have been filed in bodhi with the fix:
https://bodhi.fedoraproject.org/updates/FEDORA-2017-1225995344
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b93e6de389
https://bodhi.fedoraproject.org/updates/FEDORA-2017-79f099cbba
Please test and leave karma if this update works for you. This is especially important for F24 which has seen a falloff in karma recently.
Thanks, Laura
On 20.06.2017 at 01:30, Laura Abbott wrote:
> Hi,
> If you haven't seen it, a new kernel vulnerability was announced:
> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
> Updates have been filed in bodhi with the fix:
> https://bodhi.fedoraproject.org/updates/FEDORA-2017-1225995344
> https://bodhi.fedoraproject.org/updates/FEDORA-2017-b93e6de389
> https://bodhi.fedoraproject.org/updates/FEDORA-2017-79f099cbba
> Please test and leave karma if this update works for you. This is especially important for F24 which has seen a falloff in karma recently
Giving karma would be so much easier if fedora-easy-karma didn't break regularly and people get tired of deleting hidden folders/files.
================================================================================
kernel-4.11.6-100.fc24
================================================================================
Update ID: FEDORA-2017-79f099cbba
Release: Fedora 24
Status: pending
Type: unapproved critpath security
Karma: 0/3
Request: testing
Bugs: https://bugzilla.redhat.com/1462833 - CVE-2017-1000379 kernel: Incorrectly mapped contents of PIE executable [fedora-all]
    : https://bugzilla.redhat.com/1462829 - CVE-2017-1000371 kernel: offset2lib allows for the stack guard page to be jumped over [fedora-all]
    : https://bugzilla.redhat.com/1462828 - CVE-2017-1000370 kernel: offset2lib patch protection bypass [fedora-all]
    : https://bugzilla.redhat.com/1462819 - CVE-2017-1000364 kernel: heap/stack gap jumping via unbounded stack allocations [fedora-all]
    : https://bugzilla.redhat.com/1462827 - CVE-2017-1000365 kernel: RLIMIT_STACK/RLIMIT_INFINITY string size limitation bypass [fedora-all]
    : https://bugzilla.redhat.com/1442912 - Kernels > 4.10 enable extra debugging on b43
    : https://bugzilla.redhat.com/1459326 - BUG: audit records being sent to the console even when auditd is running
    : https://bugzilla.redhat.com/1461333 - CVE-2017-1000364 kernel: heap/stack gap jumping via unbounded stack allocations
Test Cases: https://fedoraproject.org/wiki/QA%3ATestcase_kernel_regression
Notes: The 4.11.6 update contains a number of important fixes across the
     : tree, including the recently announced "stack clash"
Submitter: labbott
Submitted: 2017-06-19 23:09:35
Comments: bodhi - 2017-06-19 23:09:35 (karma 0)
          This update has been submitted for testing by labbott.

https://bodhi.fedoraproject.org/updates/FEDORA-2017-79f099cbba

inst. RPMS: kernel-core-4.11.6-100.fc24.x86_64 - The Linux kernel (installed 0 days ago)
          : kernel-modules-4.11.6-100.fc24.x86_64 - kernel modules to match the core kernel (installed 0 days ago)
          : kernel-headers-4.11.6-100.fc24.x86_64 - Header files for the Linux kernel for use by glibc (installed 0 days ago)

Comment? -1/0/1 -> karma, 'i' -> ignore, other -> skip> 1
Comment> works for me
Traceback (most recent call last):
  File "/usr/bin/fedora-easy-karma", line 831, in <module>
    fek = FedoraEasyKarma()
  File "/usr/bin/fedora-easy-karma", line 690, in __init__
    karma)
  File "/usr/bin/fedora-easy-karma", line 815, in send_comment
    res = bc.comment(update["title"], comment, karma=karma)
  File "/usr/lib/python2.7/site-packages/fedora/client/bodhi.py", line 118, in wrapper
    raise BodhiClientException(problems)
fedora.client.bodhi.BodhiClientException: You must provide a captcha_key.
On 06/19/2017 04:30 PM, Laura Abbott wrote:
> Hi,
> If you haven't seen it, a new kernel vulnerability was announced:
> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
> Updates have been filed in bodhi with the fix:
> https://bodhi.fedoraproject.org/updates/FEDORA-2017-1225995344
> https://bodhi.fedoraproject.org/updates/FEDORA-2017-b93e6de389
> https://bodhi.fedoraproject.org/updates/FEDORA-2017-79f099cbba
> Please test and leave karma if this update works for you. This is especially important for F24 which has seen a falloff in karma recently.
> Thanks, Laura
The stack-clash fix was found to have a bug so I revoked the updates. New builds with a fix for the fix will be filed in bodhi when finished.
Thanks, Laura
kernel@lists.fedoraproject.org