openSUSE Security Announce
Threads by month
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
June 2012
- 1 participants
- 22 discussions
[security-announce] SUSE-SU-2012:0689-1: important: kernel update for SLE11 SP2
by opensuse-security@opensuse.org 02 Jun '12
by opensuse-security@opensuse.org 02 Jun '12
02 Jun '12
SUSE Security Update: kernel update for SLE11 SP2
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0689-1
Rating: important
References: #704280 #708836 #718521 #721857 #725592 #732296
#738528 #738644 #743232 #744758 #745088 #746938
#748112 #748463 #748806 #748859 #750426 #751550
#752022 #752634 #753172 #753698 #754085 #754428
#754690 #754969 #755178 #755537 #755758 #755812
#756236 #756821 #756840 #756940 #757077 #757202
#757205 #757289 #757373 #757517 #757565 #757719
#757783 #757789 #757950 #758104 #758279 #758532
#758540 #758731 #758813 #758833 #759340 #759539
#759541 #759657 #759908 #759971 #760015 #760279
#760346 #760974 #761158 #761387 #761772 #762285
#762329 #762424
Cross-References: CVE-2012-2127 CVE-2012-2133 CVE-2012-2313
CVE-2012-2319
Affected Products:
SUSE Linux Enterprise Server 11 SP2 for VMware
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise High Availability Extension 11 SP2
SUSE Linux Enterprise Desktop 11 SP2
SLE 11 SERVER Unsupported Extras
______________________________________________________________________________
An update that solves four vulnerabilities and has 64 fixes
is now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 SP2 kernel was updated to
3.0.31, fixing lots of bugs and security issues.
Various security and bug fixes contained in the Linux 3.0
stable releases 3.0.27 up to 3.0.31 are included, but not
explicitly listed below.
Following security issues were fixed: CVE-2012-2313: The
dl2k network card driver lacked permission handling for
some ethtool ioctls, which could allow local attackers to
start/stop the network card.
CVE-2012-2133: A use after free bug in hugetlb support
could be used by local attackers to crash the system.
CVE-2012-2127: Various leaks in namespace handling over
fork where fixed, which could be exploited by e.g. vsftpd
access by remote users.
CVE-2012-2319: A memory corruption when mounting a hfsplus
filesystem was fixed that could be used by local attackers
able to mount filesystem to crash the system.
Following non security bugs were fixed by this update:
BTRFS:
- btrfs: partial revert of truncation improvements
(bnc#748463 bnc#760279).
- btrfs: fix eof while discarding extents
- btrfs: check return value of bio_alloc() properly
- btrfs: return void from clear_state_bit
- btrfs: avoid possible use-after-free in clear_extent_bit()
- btrfs: Make free_ipath() deal gracefully with NULL
pointers
- btrfs: do not call free_extent_buffer twice in
iterate_irefs
- btrfs: add missing read locks in backref.c
- btrfs: fix max chunk size check in chunk allocator
- btrfs: double unlock bug in error handling
- btrfs: do not return EINTR
- btrfs: fix btrfs_ioctl_dev_info() crash on missing device
- btrfs: fix that check_int_data mount option was ignored
- btrfs: do not mount when we have a sectorsize unequal to
PAGE_SIZE
- btrfs: avoid possible use-after-free in clear_extent_bit()
- btrfs: retrurn void from clear_state_bit
- btrfs: Fix typo in free-space-cache.c
- btrfs: remove the ideal caching code
- btrfs: remove search_start and search_end from
find_free_extent and callers
- btrfs: adjust the write_lock_level as we unlock
- btrfs: actually call btrfs_init_lockdep
- btrfs: fix regression in scrub path resolving
- btrfs: show useful info in space reservation tracepoint
- btrfs: flush out and clean up any block device pages
during mount
- btrfs: fix deadlock during allocating chunks
- btrfs: fix race between direct io and autodefrag
- btrfs: fix the mismatch of page->mapping
- btrfs: fix recursive defragment with autodefrag option
- btrfs: add a check to decide if we should defrag the range
- btrfs: do not bother to defrag an extent if it is a big
real extent
- btrfs: update to the right index of defragment
- btrfs: Fix use-after-free in __btrfs_end_transaction
- btrfs: stop silently switching single chunks to raid0 on
balance
- btrfs: add wrappers for working with alloc profiles
- btrfs: make profile_is_valid() check more strict
- btrfs: move alloc_profile_is_valid() to volumes.c
- btrfs: add get_restripe_target() helper
- btrfs: add __get_block_group_index() helper
- btrfs: improve the logic in btrfs_can_relocate()
- btrfs: validate target profiles only if we are going to
use them
- btrfs: allow dup for data chunks in mixed mode
- btrfs: fix memory leak in resolver code
- btrfs: fix infinite loop in btrfs_shrink_device()
- btrfs: error handling locking fixu
- btrfs: fix uninit variable in repair_eb_io_failure
- btrfs: always store the mirror we read the eb from
- btrfs: do not count CRC or header errors twice while
scrubbing
- btrfs: do not start delalloc inodes during sync
- btrfs: fix repair code for RAID10
- btrfs: Prevent root_list corruption
- btrfs: fix block_rsv and space_info lock ordering
- btrfs: Fix space checking during fs resize
- btrfs: avoid deadlocks from GFP_KERNEL allocations during
btrfs_real_readdir
- btrfs: reduce lock contention during extent insertion
- btrfs: Add properly locking around add_root_to_dirty_list
- btrfs: Fix mismatching struct members in ioctl.h
netfilter:
- netfilter: nf_conntrack: make event callback registration
per-netns (bnc#758540).
DRM:
- drm/edid: Add a workaround for 1366x768 HD panel
(bnc#753172).
- drm/edid: Add extra_modes (bnc#753172).
- drm/edid: Add packed attribute to new gtf2 and cvt
structs (bnc#753172).
- drm/edid: Add the reduced blanking DMT modes to the DMT
list (bnc#753172).
- drm/edid: Allow drm_mode_find_dmt to hunt for
reduced-blanking modes (bnc#753172).
- drm/edid: Do drm_dmt_modes_for_range() for all range
descriptor types (bnc#753172).
- drm/edid: Document drm_mode_find_dmt (bnc#753172).
- drm/edid: Fix some comment typos in the DMT mode list
(bnc#753172).
- drm/edid: Generate modes from extra_modes for range
descriptors (bnc#753172).
- drm/edid: Give the est3 mode struct a real name
(bnc#753172).
- drm/edid: Remove a misleading comment (bnc#753172).
- drm/edid: Rewrite drm_mode_find_dmt search loop
(bnc#753172).
- drm/edid: Update range descriptor struct for EDID 1.4
(bnc#753172).
- drm/edid: add missing NULL checks (bnc#753172).
- drm/edid:
s/drm_gtf_modes_for_range/drm_dmt_modes_for_range/
(bnc#753172).
- Fix kABI for drm EDID improvement patches (bnc#753172).
- drm: Fix the case where multiple modes are returned from
EDID (bnc#753172)
- drm/i915: Add more standard modes to LVDS output
(bnc#753172).
- drm/i915: Disable LVDS at mode change (bnc#752022).
- drm/i915: add Ivy Bridge GT2 Server entries (bnc#759971).
- drm/i915: delay drm_irq_install() at resume (bnc#753698).
- EDD: Check for correct EDD 3.0 length (bnc#762285).
XEN:
- blkfront: make blkif_io_lock spinlock per-device.
- blkback: streamline main processing loop (fate#309305).
- blkback: Implement discard requests handling
(fate#309305).
- blkback: Enhance discard support with secure erasing
support (fate#309305).
- blkfront: Handle discard requests (fate#309305).
- blkfront: Enhance discard support with secure erasing
support (fate#309305).
- blkif: support discard (fate#309305).
- blkif: Enhance discard support with secure erasing
support (fate#309305).
- xen/smpboot: adjust ordering of operations.
- x86-64: provide a memset() that can deal with 4Gb or
above at a time (bnc#738528).
- Update Xen patches to 3.0.27.
- Update Xen patches to 3.0.31.
- xen: fix VM_FOREIGN users after c/s 878:eba6fe6d8d53
(bnc#760974).
- xen/gntdev: fix multi-page slot allocation (bnc#760974).
TG3:
- tg3: Avoid panic from reserved statblk field access
(bnc#760346).
- tg3: Fix 5717 serdes powerdown problem (bnc#756940).
- tg3: Fix RSS ring refill race condition (bnc#756940).
- tg3: Fix single-vector MSI-X code (bnc#756940).
- tg3: fix ipv6 header length computation (bnc#756940).
S/390:
- dasd: Fix I/O stall when reserving dasds (bnc#757719).
- s390/af_iucv: detect down state of HS transport interface
(bnc#758279,LTC#80859).
- s390/af_iucv: allow shutdown for HS transport sockets
(bnc#758279,LTC#80860).
- mm: s390: Fix BUG by using __set_page_dirty_no_writeback
on swap. (bnc#751550)
- s390/qeth: Improve OSA Express 4 blkt defaults
(bnc#754969,LTC#80325).
- s390/zcrypt: Fix parameter checking for ZSECSENDCPRB
ioctl (bnc#754969,LTC#80378).
- zfcpdump: Implement async sdias event processing
(bnc#761387,LTC#81330).
ALSA:
- ALSA: hda - Always resume the codec immediately
(bnc#750426).
- ALSA: hda - Add Creative CA0132 HDA codec support
(bnc#762424).
- ALSA: hda - Fix error handling in patch_ca0132.c
(bnc#762424).
- ALSA: hda - Add the support for Creative SoundCore3D
(bnc#762424).
OTHER:
- ixgbe: fix ring assignment issues for SR-IOV and drop
cases (bnc#761158).
- ixgbe: add missing rtnl_lock in PM resume path
(bnc#748859).
- MCE, AMD: Drop too granulary family model checks
(bnc#758833).
- EDAC, MCE, AMD: Print CPU number when reporting the error
(bnc#758833).
- EDAC, MCE, AMD: Print valid addr when reporting an error
(bnc#758833).
- libata: skip old error history when counting probe trials.
- x86: kdb: restore kdb stack trace (bnc#760015).
- ehea: fix allmulticast support,
- ehea: fix promiscuous mode (both bnc#757289)
- ehea: only register irq after setting up ports
(bnc#758731).
- ehea: fix losing of NEQ events when one event occurred
early (bnc#758731).
- scsi: Silence unnecessary warnings about ioctl to
partition (bnc#758104).
- scsi_dh_rdac: Update match function to check page C8
(bnc#757077).
- scsi_dh_rdac: Add new NetApp IDs (bnc#757077).
- bluetooth: Add support for Foxconn/Hon Hai AR5BBU22
0489:E03C (bnc#759908).
- x86/amd: Add missing feature flag for fam15h models
10h-1fh processors (bnc#759340).
- x86: Report cpb and eff_freq_ro flags correctly
(bnc#759340).
- x86, amd: Fix up numa_node information for AMD CPU family
15h model 0-0fh northbridge functions (bnc#759340).
- x86/PCI: amd: Kill misleading message about enablement of
IO access to PCI ECS] (bnc#759340).
- cdc-wdm: fix race leading leading to memory corruption
(bnc#759539).
- tlan: add cast needed for proper 64 bit operation
(bnc#756840).
- bonding:update speed/duplex for NETDEV_CHANGE
(bnc#752634).
- bonding: comparing a u8 with -1 is always false
(bnc#752634).
- bonding: start slaves with link down for ARP monitor
(bnc#752634).
- bonding: do not increase rx_dropped after processing
LACPDUs (bnc#759657).
- x86: fix the initialization of physnode_map (bnc#748112).
- sched,rt: fix isolated CPUs leaving root_task_group
indefinitely throttled (bnc#754085).
- Fix SLE11-SP1->SLE11-SP2 interrupt latency regression.
Revert 0209f649, and turn tick skew on globally, since
0209f649 came about to mitigate lock contention that skew
removal induces, both on xtime_lock and on RCU leaf node
locks. NOTE: This change trades ~400% latency regression
fix for power consumption progression that skew removal
bought (at high cost).
- Revert mainline 0209f649 - rcu: limit rcu_node leaf-level
fanout (bnc#718521).
- md: fix possible corruption of array metadata on shutdown.
- md/bitmap: prevent bitmap_daemon_work running while
initialising bitmap.
- md: ensure changes to write-mostly are reflected in
metadata (bnc#755178).
- cciss: Add IRQF_SHARED back in for the non-MSI(X)
interrupt handler (bnc#757789).
- procfs, namespace, pid_ns: fix leakage upon fork()
failure (bnc#757783).
- mqueue: fix a vfsmount longterm reference leak
(bnc#757783).
- procfs: fix a vfsmount longterm reference leak
(bnc#757783).
- scsi_dh_alua: Optimize stpg command (bnc#744758).
- scsi_dh_alua: Store pref bit from RTPG (bnc#755758).
- scsi_dh_alua: set_params interface (bnc#755758).
- uwb: fix error handling (bnc#757950).
- uwb: fix use of del_timer_sync() in interrupt
(bnc#757950).
- usbhid: fix error handling of not enough bandwidth
(bnc#704280).
- mm: Improve preservation of page-age information
(bnc#754690)
- pagecache limit: Fix the shmem deadlock (bnc#755537).
- USB: sierra: add support for Sierra Wireless MC7710
(bnc#757517).
- USB: fix resource leak in xhci power loss path
(bnc#746938).
- x86/iommu/intel: Fix identity mapping for sandy bridge
(bnc#743232).
- ipv6: Check dest prefix length on original route not
copied one in rt6_alloc_cow() (bnc#757202).
- ipv6: do not use inetpeer to store metrics for routes
(bnc#757202).
- ipv6: fix problem with expired dst cache (bnc#757205).
- ipv6: unshare inetpeers.
- bridge: correct IPv6 checksum after pull (bnc#738644).
- scsi: storvsc: Account for in-transit packets in the
RESET path.
-
patches.fixes/mm-mempolicy.c-fix-pgoff-in-mbind-vma-merge.pa
tch:
-
patches.fixes/mm-mempolicy.c-refix-mbind_range-vma-issue.pat
ch: Fix vma merging issue during mbind affecting JVMs.
- ACPI, APEI: Fix incorrect APEI register bit width check
and usage (bnc#725592).
- vmxnet3: cap copy length at size of skb to prevent
dropped frames on tx (bnc#755812).
- rt2x00: rt2x00dev: move rfkill_polling register to proper
place (bnc#748806).
- pagecache: fix the BUG_ON safety belt
- pagecache: Fixed the GFP_NOWAIT is zero and not suitable
for tests bug (bnc#755537)
- igb: reset PHY after recovering from PHY power down.
(bnc#745088)
- igb: fix rtnl race in PM resume path (bnc#748859).
- watchdog: iTCO_wdt.c - problems with newer hardware due
to SMI clearing (bnc#757373).
- watchdog: iTCO_wdt.c - problems with newer hardware due
to SMI clearing (bnc#757373, redhat#727875).
- cfq-iosched: Reduce linked group count upon group
destruction (bnc#759541).
- cdc_ether: Ignore bogus union descriptor for RNDIS
devices (bnc#761772).
- sys_poll: fix incorrect type for timeout parameter
(bnc#754428).
- staging:rts_pstor:Avoid "Bad target number" message when
probing driver (bnc#762329).
- staging:rts_pstor:Complete scanning_done variable
(bnc#762329).
- staging:rts_pstor:Fix SDIO issue (bnc#762329).
- staging:rts_pstor: Fix a bug that a MMCPlus card ca not
be accessed (bnc#762329).
- staging:rts_pstor: Fix a miswriting (bnc#762329).
- staging:rts_pstor:Fix possible panic by NULL pointer
dereference (bnc#762329).
- staging:rts_pstor: fix thread synchronization flow
(bnc#762329).
- freezer:do not unnecessarily set PF_NOFREEZE explicitly
(bnc#762329).
- staging:rts_pstor: off by one in for loop (bnc#762329).
- patches.suse/cgroup-disable-memcg-when-low-lowmem.patch:
fix typo: use if defined(CONFIG_*) rather than if CONFIG_*
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Contraindications:
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP2 for VMware:
zypper in -t patch slessp2-kernel-6338 slessp2-kernel-6349
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp2-kernel-6338 slessp2-kernel-6339 slessp2-kernel-6345 slessp2-kernel-6348 slessp2-kernel-6349
- SUSE Linux Enterprise High Availability Extension 11 SP2:
zypper in -t patch sleshasp2-kernel-6338 sleshasp2-kernel-6339 sleshasp2-kernel-6345 sleshasp2-kernel-6348 sleshasp2-kernel-6349
- SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp2-kernel-6338 sledsp2-kernel-6349
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.31]:
kernel-default-3.0.31-0.9.1
kernel-default-base-3.0.31-0.9.1
kernel-default-devel-3.0.31-0.9.1
kernel-source-3.0.31-0.9.1
kernel-syms-3.0.31-0.9.1
kernel-trace-3.0.31-0.9.1
kernel-trace-base-3.0.31-0.9.1
kernel-trace-devel-3.0.31-0.9.1
kernel-xen-devel-3.0.31-0.9.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.31]:
kernel-pae-3.0.31-0.9.1
kernel-pae-base-3.0.31-0.9.1
kernel-pae-devel-3.0.31-0.9.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.31]:
kernel-default-3.0.31-0.9.1
kernel-default-base-3.0.31-0.9.1
kernel-default-devel-3.0.31-0.9.1
kernel-source-3.0.31-0.9.1
kernel-syms-3.0.31-0.9.1
kernel-trace-3.0.31-0.9.1
kernel-trace-base-3.0.31-0.9.1
kernel-trace-devel-3.0.31-0.9.1
- SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.31]:
kernel-ec2-3.0.31-0.9.1
kernel-ec2-base-3.0.31-0.9.1
kernel-ec2-devel-3.0.31-0.9.1
kernel-xen-3.0.31-0.9.1
kernel-xen-base-3.0.31-0.9.1
kernel-xen-devel-3.0.31-0.9.1
- SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.31]:
kernel-default-man-3.0.31-0.9.1
- SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.31]:
kernel-ppc64-3.0.31-0.9.1
kernel-ppc64-base-3.0.31-0.9.1
kernel-ppc64-devel-3.0.31-0.9.1
- SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.31]:
kernel-pae-3.0.31-0.9.1
kernel-pae-base-3.0.31-0.9.1
kernel-pae-devel-3.0.31-0.9.1
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64):
cluster-network-kmp-default-1.4_3.0.31_0.9-2.10.23
cluster-network-kmp-trace-1.4_3.0.31_0.9-2.10.23
gfs2-kmp-default-2_3.0.31_0.9-0.7.23
gfs2-kmp-trace-2_3.0.31_0.9-0.7.23
ocfs2-kmp-default-1.6_3.0.31_0.9-0.7.23
ocfs2-kmp-trace-1.6_3.0.31_0.9-0.7.23
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64):
cluster-network-kmp-xen-1.4_3.0.31_0.9-2.10.23
gfs2-kmp-xen-2_3.0.31_0.9-0.7.23
ocfs2-kmp-xen-1.6_3.0.31_0.9-0.7.23
- SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64):
cluster-network-kmp-ppc64-1.4_3.0.31_0.9-2.10.23
gfs2-kmp-ppc64-2_3.0.31_0.9-0.7.23
ocfs2-kmp-ppc64-1.6_3.0.31_0.9-0.7.23
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586):
cluster-network-kmp-pae-1.4_3.0.31_0.9-2.10.23
gfs2-kmp-pae-2_3.0.31_0.9-0.7.23
ocfs2-kmp-pae-1.6_3.0.31_0.9-0.7.23
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.31]:
kernel-default-3.0.31-0.9.1
kernel-default-base-3.0.31-0.9.1
kernel-default-devel-3.0.31-0.9.1
kernel-default-extra-3.0.31-0.9.1
kernel-source-3.0.31-0.9.1
kernel-syms-3.0.31-0.9.1
kernel-trace-3.0.31-0.9.1
kernel-trace-base-3.0.31-0.9.1
kernel-trace-devel-3.0.31-0.9.1
kernel-trace-extra-3.0.31-0.9.1
kernel-xen-3.0.31-0.9.1
kernel-xen-base-3.0.31-0.9.1
kernel-xen-devel-3.0.31-0.9.1
kernel-xen-extra-3.0.31-0.9.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.31]:
kernel-pae-3.0.31-0.9.1
kernel-pae-base-3.0.31-0.9.1
kernel-pae-devel-3.0.31-0.9.1
kernel-pae-extra-3.0.31-0.9.1
- SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):
ext4-writeable-kmp-default-0_3.0.31_0.9-0.14.4
kernel-default-extra-3.0.31-0.9.1
- SLE 11 SERVER Unsupported Extras (i586 x86_64):
ext4-writeable-kmp-xen-0_3.0.31_0.9-0.14.4
kernel-xen-extra-3.0.31-0.9.1
- SLE 11 SERVER Unsupported Extras (ppc64):
ext4-writeable-kmp-ppc64-0_3.0.31_0.9-0.14.4
kernel-ppc64-extra-3.0.31-0.9.1
- SLE 11 SERVER Unsupported Extras (i586):
ext4-writeable-kmp-pae-0_3.0.31_0.9-0.14.4
kernel-pae-extra-3.0.31-0.9.1
References:
http://support.novell.com/security/cve/CVE-2012-2127.html
http://support.novell.com/security/cve/CVE-2012-2133.html
http://support.novell.com/security/cve/CVE-2012-2313.html
http://support.novell.com/security/cve/CVE-2012-2319.html
https://bugzilla.novell.com/704280
https://bugzilla.novell.com/708836
https://bugzilla.novell.com/718521
https://bugzilla.novell.com/721857
https://bugzilla.novell.com/725592
https://bugzilla.novell.com/732296
https://bugzilla.novell.com/738528
https://bugzilla.novell.com/738644
https://bugzilla.novell.com/743232
https://bugzilla.novell.com/744758
https://bugzilla.novell.com/745088
https://bugzilla.novell.com/746938
https://bugzilla.novell.com/748112
https://bugzilla.novell.com/748463
https://bugzilla.novell.com/748806
https://bugzilla.novell.com/748859
https://bugzilla.novell.com/750426
https://bugzilla.novell.com/751550
https://bugzilla.novell.com/752022
https://bugzilla.novell.com/752634
https://bugzilla.novell.com/753172
https://bugzilla.novell.com/753698
https://bugzilla.novell.com/754085
https://bugzilla.novell.com/754428
https://bugzilla.novell.com/754690
https://bugzilla.novell.com/754969
https://bugzilla.novell.com/755178
https://bugzilla.novell.com/755537
https://bugzilla.novell.com/755758
https://bugzilla.novell.com/755812
https://bugzilla.novell.com/756236
https://bugzilla.novell.com/756821
https://bugzilla.novell.com/756840
https://bugzilla.novell.com/756940
https://bugzilla.novell.com/757077
https://bugzilla.novell.com/757202
https://bugzilla.novell.com/757205
https://bugzilla.novell.com/757289
https://bugzilla.novell.com/757373
https://bugzilla.novell.com/757517
https://bugzilla.novell.com/757565
https://bugzilla.novell.com/757719
https://bugzilla.novell.com/757783
https://bugzilla.novell.com/757789
https://bugzilla.novell.com/757950
https://bugzilla.novell.com/758104
https://bugzilla.novell.com/758279
https://bugzilla.novell.com/758532
https://bugzilla.novell.com/758540
https://bugzilla.novell.com/758731
https://bugzilla.novell.com/758813
https://bugzilla.novell.com/758833
https://bugzilla.novell.com/759340
https://bugzilla.novell.com/759539
https://bugzilla.novell.com/759541
https://bugzilla.novell.com/759657
https://bugzilla.novell.com/759908
https://bugzilla.novell.com/759971
https://bugzilla.novell.com/760015
https://bugzilla.novell.com/760279
https://bugzilla.novell.com/760346
https://bugzilla.novell.com/760974
https://bugzilla.novell.com/761158
https://bugzilla.novell.com/761387
https://bugzilla.novell.com/761772
https://bugzilla.novell.com/762285
https://bugzilla.novell.com/762329
https://bugzilla.novell.com/762424
http://download.novell.com/patch/finder/?keywords=1807bcd2b9628830e46f87bbc…
http://download.novell.com/patch/finder/?keywords=2f14534cc5f6410a84a13bede…
http://download.novell.com/patch/finder/?keywords=433a101aa3e734c55d581257c…
http://download.novell.com/patch/finder/?keywords=5d93f32b6c5678423315d9763…
http://download.novell.com/patch/finder/?keywords=62d70aee81de7f4d62272d333…
http://download.novell.com/patch/finder/?keywords=6ecf603bc7f492a1e4ab33c86…
http://download.novell.com/patch/finder/?keywords=780f3653ec4f849b5c346c0da…
http://download.novell.com/patch/finder/?keywords=b1249381226b03cee526b6949…
http://download.novell.com/patch/finder/?keywords=b13b5578bab912738d92e3b37…
http://download.novell.com/patch/finder/?keywords=f39e72bf933211809d610be17…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2012:0688-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 02 Jun '12
by opensuse-security@opensuse.org 02 Jun '12
02 Jun '12
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0688-1
Rating: important
References: #758408
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that contains security fixes can now be
installed. It includes two new package versions.
Description:
MozillaFirefox was updated to the 10.0.4 ESR release to fix
various bugs and security issues.
*
Mozilla developers identified and fixed several
memory safety bugs in the browser engine used in Firefox
and other Mozilla-based products. Some of these bugs showed
evidence of memory corruption under certain circumstances,
and we presume that with enough effort at least some of
these could be exploited to run arbitrary code. (MFSA
2012-20)
In general these flaws cannot be exploited through
email in the Thunderbird and SeaMonkey products because
scripting is disabled, but are potentially a risk in
browser or browser-like contexts in those products.
o
Christian Holler a reported memory safety and
security problem affecting Firefox 11. (CVE-2012-0468)
o
Bob Clary, Christian Holler, Brian Hackett,
Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse
Ruderman, Julian Seward, and Olli Pettay reported memory
safety problems and crashes that affect Firefox ESR and
Firefox 11. (CVE-2012-0467)
*
Using the Address Sanitizer tool, security researcher
Aki Helin from OUSPG found that IDBKeyRange of indexedDB
remains in the XPConnect hashtable instead of being
unlinked before being destroyed. When it is destroyed, this
causes a use-after-free, which is potentially exploitable.
(MFSA 2012-22 / CVE-2012-0469)
*
Using the Address Sanitizer tool, security researcher
Atte Kettunen from OUSPG found a heap corruption in
gfxImageSurface which allows for invalid frees and possible
remote code execution. This happens due to float error,
resulting from graphics values being passed through
different number systems. (MFSA 2012-23 / CVE-2012-0470)
*
Anne van Kesteren of Opera Software found a
multi-octet encoding issue where certain octets will
destroy the following octets in the processing of some
multibyte character sets. This can leave users vulnerable
to cross-site scripting (XSS) attacks on maliciously
crafted web pages. (MFSA 2012-24 / CVE-2012-0471)
*
Security research firm iDefense reported that
researcher wushi of team509 discovered a memory corruption
on Windows Vista and Windows 7 systems with hardware
acceleration disabled or using incompatible video drivers.
This is created by using cairo-dwrite to attempt to render
fonts on an unsupported code path. This corruption causes a
potentially exploitable crash on affected systems. (MFSA
2012-25 / CVE-2012-0472)
*
Mozilla community member Matias Juntunen discovered
an error in WebGLBuffer where FindMaxElementInSubArray
receives wrong template arguments from
FindMaxUshortElement. This bug causes maximum index to be
computed incorrectly within WebGL.drawElements, allowing
the reading of illegal video memory. (MFSA 2012-26 /
CVE-2012-0473)
*
Security researchers Jordi Chancel and Eddy Bordi
reported that they could short-circuit page loads to show
the address of a different site than what is loaded in the
window in the addressbar. Security researcher Chris McGowen
independently reported the same flaw, and further
demonstrated that this could lead to loading scripts from
the attacker's site, leaving users vulnerable to cross-site
scripting (XSS) attacks. (MFSA 2012-27 / CVE-2012-0474)
*
Security researcher Simone Fabiano reported that if a
cross-site XHR or WebSocket is opened on a web server on a
non-standard port for web traffic while using an IPv6
address, the browser will send an ambiguous origin headers
if the IPv6 address contains at least 2 consecutive 16-bit
fields of zeroes. If there is an origin access control list
that uses IPv6 literals, this issue could be used to bypass
these access controls on the server. (MFSA 2012-28 /
CVE-2012-0475)
*
Security researcher Masato Kinugawa found that during
the decoding of ISO-2022-KR and ISO-2022-CN character sets,
characters near 1024 bytes are treated incorrectly, either
doubling or deleting bytes. On certain pages it might be
possible for an attacker to pad the output of the page such
that these errors fall in the right place to affect the
structure of the page, allowing for cross-site script (XSS)
injection. (MFSA 2012-29 / CVE-2012-0477)
*
Mozilla community member Ms2ger found an image
rendering issue with WebGL when texImage2D uses use
JSVAL_TO_OBJECT on arbitrary objects. This can lead to a
crash on a maliciously crafted web page. While there is no
evidence that this is directly exploitable, there is a
possibility of remote code execution. (MFSA 2012-30 /
CVE-2012-0478)
*
Mateusz Jurczyk of the Google Security Team
discovered an off-by-one error in the OpenType Sanitizer
using the Address Sanitizer tool. This can lead to an
out-of-bounds read and execution of an uninitialized
function pointer during parsing and possible remote code
execution. (MFSA 2012-31 / CVE-2011-3062)
*
Security researcher Daniel Divricean reported that a
defect in the error handling of javascript errors can leak
the file names and location of javascript files on a
server, leading to inadvertent information disclosure and a
vector for further attacks. (MFSA 2012-32 / CVE-2011-1187)
*
Security researcher Jeroen van der Gun reported that
if RSS or Atom XML invalid content is loaded over HTTPS,
the addressbar updates to display the new location of the
loaded resource, including SSL indicators, while the main
window still displays the previously loaded content. This
allows for phishing attacks where a malicious page can
spoof the identify of another seemingly secure site. (MFSA
2012-33 / CVE-2012-0479)
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.13.4]:
firefox3-gtk2-2.10.6-0.10.1
mozilla-nss-3.13.4-0.5.5
mozilla-nss-devel-3.13.4-0.5.5
mozilla-nss-tools-3.13.4-0.5.5
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 7]:
MozillaFirefox-10.0.4-0.7.6
MozillaFirefox-branding-SLED-7-0.8.12
MozillaFirefox-translations-10.0.4-0.7.6
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 3.13.4]:
firefox3-gtk2-32bit-2.10.6-0.10.1
mozilla-nss-32bit-3.13.4-0.5.5
- SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 3.13.4]:
mozilla-nss-x86-3.13.4-0.5.5
- SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 3.13.4]:
mozilla-nss-64bit-3.13.4-0.5.5
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 3.13.4]:
beagle-0.2.18-78.13.1.102
beagle-evolution-0.2.18-78.13.1.102
beagle-firefox-0.2.18-78.13.1.102
beagle-gui-0.2.18-78.13.1.102
firefox3-gtk2-2.10.6-0.10.1
mhtml-firefox-0.5-1.11.5
mozilla-nss-3.13.4-0.5.5
mozilla-nss-devel-3.13.4-0.5.5
mozilla-nss-tools-3.13.4-0.5.5
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 3.13.4]:
firefox3-gtk2-32bit-2.10.6-0.10.1
mozilla-nss-32bit-3.13.4-0.5.5
- SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 7]:
MozillaFirefox-10.0.4-0.7.6
MozillaFirefox-branding-SLED-7-0.8.12
MozillaFirefox-translations-10.0.4-0.7.6
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.13.4]:
beagle-0.2.18-78.13.1.102
beagle-evolution-0.2.18-78.13.1.102
beagle-firefox-0.2.18-78.13.1.102
beagle-gui-0.2.18-78.13.1.102
firefox3-autoconf261-2.61-0.5.5
firefox3-binutils-2.21.1-0.8.5
firefox3-gtk2-devel-2.10.6-0.10.1
firefox3-gtk2-doc-2.10.6-0.10.1
firefox3-make-3.81-0.129.5
firefox3-python-base-2.6.8-0.7.4
mozilla-nss-tools-3.13.4-0.5.5
yasm-1.1.0-10.5.5
yasm-devel-1.1.0-10.5.5
- SLE SDK 10 SP4 (i586 ia64 ppc s390x):
MozillaFirefox-branding-upstream-10.0.4-0.7.6
References:
https://bugzilla.novell.com/758408
http://download.novell.com/patch/finder/?keywords=f83092661fed8208922079593…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0