Hello community,
here is the log from the commit of package patchinfo.1085 for openSUSE:12.1:Update checked in at 2012-11-22 11:04:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.1:Update/patchinfo.1085 (Old)
and /work/SRC/openSUSE:12.1:Update/.patchinfo.1085.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.1085", Maintainer is ""
Changes:
--------
New Changes file:
NO CHANGES FILE!!!
New:
----
_patchinfo
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo incident="hyper-v">
<packager>olh</packager>
<issue tracker="bnc" id="761200">VUL-1: hyper-v user space daemon netlink origin</issue>
<issue tracker="cve" id="CVE-2012-2669"></issue>
<category>security</category>
<rating>moderate</rating>
<summary>Hyper-V: Netlink source address validation allows DoS</summary>
<description>This update fixes the following issues for Hyper-V:
The source code without this patch caused hv_kvp_daemon to exit when it processed a spoofed Netlink packet which has been sent from an untrusted local user.
Now Netlink messages with a non-zero nl_pid source address are ignored and a warning is printed into the syslog.
This fixes the previous change from CVE-2012-2669.
</description>