Security fixes for bcm4356, bcm4354, bcm43362, bcm43340, bcm43430 CVE-2017-13077 - dropping replayed M3 for offloaded 4-way handshake. CVE-2017-13078 - dropping replayed M3 for offloaded 4-way handshake. CVE-2017-13079 - dropping replayed M3 for offloaded 4-way handshake. CVE-2017-13080 - dropping replayed G1 for offloaded GTK rekey. CVE-2017-13081 - dropping replayed G1 for offloaded GTK rekey. CVE-2017-13081 - dropping replayed G1 for offloaded GTK rekey. Other fixes: Updated bluethooth firmwares for Intel 7260, 7265, 8260 fixed firmware for Amd Vega10 VCE
SRPMS: kernel-firmware-nonfree-20180606-1.mga6.nonfree.src.rpm radeon-firmware-20180606-1.mga6.nonfree.src.rpm i586: iwlwifi-firmware-20180606-1.mga6.nonfree.noarch.rpm kernel-firmware-nonfree-20180606-1.mga6.nonfree.noarch.rpm radeon-firmware-20180606-1.mga6.nonfree.noarch.rpm ralink-firmware-20180606-1.mga6.nonfree.noarch.rpm rtlwifi-firmware-20180606-1.mga6.nonfree.noarch.rpm x86_64: iwlwifi-firmware-20180606-1.mga6.nonfree.noarch.rpm kernel-firmware-nonfree-20180606-1.mga6.nonfree.noarch.rpm radeon-firmware-20180606-1.mga6.nonfree.noarch.rpm ralink-firmware-20180606-1.mga6.nonfree.noarch.rpm rtlwifi-firmware-20180606-1.mga6.nonfree.noarch.rpm
Already in use on Mageia infra, my own server, workstation and laptop
Installed these packages on my production machine, an nvidia system without wifi. Kernel: 4.14.50-desktop-2.mga6 x86_64 Quad core Intel Core i7-4790 (-HT-MCP-) speed/max: 3834/4000 MHz desktop Mobo: MSI model: Z97-G43 (MS-7816) v: 3.0 Graphics: Card: NVIDIA GM204 [GeForce GTX 970] RAM: 32 GB After reboot: $ rpm -qa | grep firmware kernel-firmware-nonfree-20180606-1.mga6.nonfree radeon-firmware-20180606-1.mga6.nonfree rtlwifi-firmware-20180606-1.mga6.nonfree kernel-firmware-20170531-1.mga6 ralink-firmware-20180606-1.mga6.nonfree bluez-firmware-1.2-13.mga6.nonfree iwlwifi-firmware-20180606-1.mga6.nonfree
CC: (none) => tarazed25
Blocks: (none) => 23315
Two machines updated to all updates in all updates_testing repos 1) 64 bit OK on my workstation: i7-2600K, Nvidia GTX750 (GM107) using proprietary driver GeForce 420 and later, BOINC, LVM on LUKS on SSD, no wifi hw. 2) 64 bit on laptop Thinkpad T60, CPU core2Duo T5600, ati RV515/M54 X1400, wifi AR5418. Resume from suspend and hibernation *) OK except wifi need to be reconnected manually :/ (regression) *) using Fn+F4 and Fn+F12 respectively - Somehow the Plasma battery icon have gone missing and logout menu do not contain suspend nor hibernate any longer!
CC: (none) => fri
Real MBR hardware, Athlon X2, 8GB, nvidia 9800GT video, Atheros wifi. 64-bit Plasma system, using the server kernel. Updated microcode, nonfree firmware, and server kernel in one operation. Packages all installed cleanly. Rebooted, tried all the usual suspects, no regressions noted.
CC: (none) => andrewsfarm
Real hardware, HP 6550b, i3,8GB, Intel graphics, Intel wifi, 64-bit Plasma system, using the desktop kernel. Performed the same tests as in Comment 5, with the same results.
OK for mga6-64: https://bugs.mageia.org/show_bug.cgi?id=23315#c8
CC: (none) => jim
also OK for mga6-64 on an nvidia system https://bugs.mageia.org/show_bug.cgi?id=23315#c9
System: Host: markab Kernel: 4.14.50-desktop-2.mga6 x86_64 CPU: Quad core Intel Core i7-5700HQ (-HT-MCP-) speed/max: 2695/3500 MHz Mobo: GIGABYTE model: X5 Graphics: Card-1: NVIDIA GM204M [GeForce GTX 965M] GLX Version: 4.6.0 NVIDIA 390.59 Updated microcode and latest firmware. Rebooted fine. No problems evident.
OK for mga6-32 https://bugs.mageia.org/show_bug.cgi?id=23315#c11
Real hardware, Dell Inspiron 5100, P4, 1GB RAM, Radeon 7500 graphics, old Atheros wifi. Running 32-bit Plasma, using the VESA video driver because the radeon driver won't work with Plasma on this system. Updated microcodes, nonfree firmware, and the desktop kernel all in one operation. Packages all installed cleanly. Reboot successful, no regressions noted.
Tested OK on Mageia 6 x86_64, system described in bug 23316 comment 7.
Advisory (added to svn) type: security subject: Updated nonfree firmware packages fixes security vulnerabilities CVE: - CVE-2017-13077 - CVE-2017-13078 - CVE-2017-13079 - CVE-2017-13080 - CVE-2017-13081 src: 6: nonfree: - kernel-firmware-nonfree-20180606-1.mga6.nonfree - radeon-firmware-20180606-1.mga6.nonfree description: | This firmware update fixes the following security issues: * bcm4356, bcm4354, bcm43362, bcm43340, bcm43430: - dropping replayed M3 for offloaded 4-way handshake (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079) - dropping replayed G1 for offloaded GTK rekey (CVE-2017-13080, CVE-2017-13081) Also in this update: * Updated bluethooth firmwares for Intel 7260, 7265, 8260 * fixed firmware for Amd Vega10 VCE causing a hang references: - https://bugs.mageia.org/show_bug.cgi?id=23314
Keywords: (none) => advisory
Enough tests, validating
Whiteboard: (none) => mga6-64-ok, mga6-32-okKeywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0323.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED