openSUSE Security Announce
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
November 2013
- 2 participants
- 27 discussions
[security-announce] openSUSE-SU-2013:1777-1: important: chromium: update to 31.0.1650.57
by opensuse-security@opensuse.org 27 Nov '13
by opensuse-security@opensuse.org 27 Nov '13
27 Nov '13
openSUSE Security Update: chromium: update to 31.0.1650.57
______________________________________________________________________________
Announcement ID: openSUSE-SU-2013:1777-1
Rating: important
References: #850430
Cross-References: CVE-2013-2931 CVE-2013-6621 CVE-2013-6622
CVE-2013-6623 CVE-2013-6624 CVE-2013-6625
CVE-2013-6626 CVE-2013-6627 CVE-2013-6628
CVE-2013-6629 CVE-2013-6630 CVE-2013-6631
CVE-2013-6632
Affected Products:
openSUSE 12.2
______________________________________________________________________________
An update that fixes 13 vulnerabilities is now available.
Description:
Chromium was updated to 31.0.1650.57: Stable channel update:
- Security Fixes:
* CVE-2013-6632: Multiple memory corruption issues.
- Update to Chromium 31.0.1650.48 (bnc#850430) Stable
Channel update:
- Security fixes:
* CVE-2013-6621: Use after free related to speech input
elements..
* CVE-2013-6622: Use after free related to media
elements.
* CVE-2013-6623: Out of bounds read in SVG.
* CVE-2013-6624: Use after free related to “id”
attribute strings.
* CVE-2013-6625: Use after free in DOM ranges.
* CVE-2013-6626: Address bar spoofing related to
interstitial warnings.
* CVE-2013-6627: Out of bounds read in HTTP parsing.
* CVE-2013-6628: Issue with certificates not being
checked during TLS renegotiation.
* CVE-2013-2931: Various fixes from internal audits,
fuzzing and other initiatives.
* CVE-2013-6629: Read of uninitialized memory in
libjpeg and libjpeg-turbo.
* CVE-2013-6630: Read of uninitialized memory in
libjpeg-turbo.
* CVE-2013-6631: Use after free in libjingle.
- Added patch chromium-fix-chromedriver-build.diff to fix
the chromedriver build
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 12.2:
zypper in -t patch openSUSE-2013-904
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 12.2 (i586 x86_64):
chromedriver-31.0.1650.57-1.54.1
chromedriver-debuginfo-31.0.1650.57-1.54.1
chromium-31.0.1650.57-1.54.1
chromium-debuginfo-31.0.1650.57-1.54.1
chromium-debugsource-31.0.1650.57-1.54.1
chromium-desktop-gnome-31.0.1650.57-1.54.1
chromium-desktop-kde-31.0.1650.57-1.54.1
chromium-ffmpegsumo-31.0.1650.57-1.54.1
chromium-ffmpegsumo-debuginfo-31.0.1650.57-1.54.1
chromium-suid-helper-31.0.1650.57-1.54.1
chromium-suid-helper-debuginfo-31.0.1650.57-1.54.1
References:
http://support.novell.com/security/cve/CVE-2013-2931.html
http://support.novell.com/security/cve/CVE-2013-6621.html
http://support.novell.com/security/cve/CVE-2013-6622.html
http://support.novell.com/security/cve/CVE-2013-6623.html
http://support.novell.com/security/cve/CVE-2013-6624.html
http://support.novell.com/security/cve/CVE-2013-6625.html
http://support.novell.com/security/cve/CVE-2013-6626.html
http://support.novell.com/security/cve/CVE-2013-6627.html
http://support.novell.com/security/cve/CVE-2013-6628.html
http://support.novell.com/security/cve/CVE-2013-6629.html
http://support.novell.com/security/cve/CVE-2013-6630.html
http://support.novell.com/security/cve/CVE-2013-6631.html
http://support.novell.com/security/cve/CVE-2013-6632.html
https://bugzilla.novell.com/850430
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2013:1776-1: important: chromium: 31.0.1650.57 version update
by opensuse-security@opensuse.org 27 Nov '13
by opensuse-security@opensuse.org 27 Nov '13
27 Nov '13
openSUSE Security Update: chromium: 31.0.1650.57 version update
______________________________________________________________________________
Announcement ID: openSUSE-SU-2013:1776-1
Rating: important
References: #849715 #850430
Cross-References: CVE-2013-2925 CVE-2013-2926 CVE-2013-2927
CVE-2013-2928 CVE-2013-2931 CVE-2013-6621
CVE-2013-6622 CVE-2013-6623 CVE-2013-6624
CVE-2013-6625 CVE-2013-6626 CVE-2013-6627
CVE-2013-6628 CVE-2013-6629 CVE-2013-6630
CVE-2013-6631 CVE-2013-6632
Affected Products:
openSUSE 12.3
______________________________________________________________________________
An update that fixes 17 vulnerabilities is now available.
Description:
Security and bugfix update to Chromium 31.0.1650.57
- Update to Chromium 31.0.1650.57:
- Security Fixes:
* CVE-2013-6632: Multiple memory corruption issues.
- Update to Chromium 31.0.1650.48 Stable Channel update:
- Security fixes:
* CVE-2013-6621: Use after free related to speech input
elements..
* CVE-2013-6622: Use after free related to media
elements.
* CVE-2013-6623: Out of bounds read in SVG.
* CVE-2013-6624: Use after free related to “id”
attribute strings.
* CVE-2013-6625: Use after free in DOM ranges.
* CVE-2013-6626: Address bar spoofing related to
interstitial warnings.
* CVE-2013-6627: Out of bounds read in HTTP parsing.
* CVE-2013-6628: Issue with certificates not being
checked during TLS renegotiation.
* CVE-2013-2931: Various fixes from internal audits,
fuzzing and other initiatives.
* CVE-2013-6629: Read of uninitialized memory in
libjpeg and libjpeg-turbo.
* CVE-2013-6630: Read of uninitialized memory in
libjpeg-turbo.
* CVE-2013-6631: Use after free in libjingle.
- Stable Channel update: fix build for 32bit systems
- Update to Chromium 30.0.1599.101
- Security Fixes:
+ CVE-2013-2925: Use after free in XHR
+ CVE-2013-2926: Use after free in editing
+ CVE-2013-2927: Use after free in forms.
+ CVE-2013-2928: Various fixes from internal audits,
fuzzing and other initiatives.
- Enable ARM build for Chromium.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 12.3:
zypper in -t patch openSUSE-2013-903
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 12.3 (i586 x86_64):
chromedriver-31.0.1650.57-1.17.1
chromedriver-debuginfo-31.0.1650.57-1.17.1
chromium-31.0.1650.57-1.17.1
chromium-debuginfo-31.0.1650.57-1.17.1
chromium-debugsource-31.0.1650.57-1.17.1
chromium-desktop-gnome-31.0.1650.57-1.17.1
chromium-desktop-kde-31.0.1650.57-1.17.1
chromium-ffmpegsumo-31.0.1650.57-1.17.1
chromium-ffmpegsumo-debuginfo-31.0.1650.57-1.17.1
chromium-suid-helper-31.0.1650.57-1.17.1
chromium-suid-helper-debuginfo-31.0.1650.57-1.17.1
References:
http://support.novell.com/security/cve/CVE-2013-2925.html
http://support.novell.com/security/cve/CVE-2013-2926.html
http://support.novell.com/security/cve/CVE-2013-2927.html
http://support.novell.com/security/cve/CVE-2013-2928.html
http://support.novell.com/security/cve/CVE-2013-2931.html
http://support.novell.com/security/cve/CVE-2013-6621.html
http://support.novell.com/security/cve/CVE-2013-6622.html
http://support.novell.com/security/cve/CVE-2013-6623.html
http://support.novell.com/security/cve/CVE-2013-6624.html
http://support.novell.com/security/cve/CVE-2013-6625.html
http://support.novell.com/security/cve/CVE-2013-6626.html
http://support.novell.com/security/cve/CVE-2013-6627.html
http://support.novell.com/security/cve/CVE-2013-6628.html
http://support.novell.com/security/cve/CVE-2013-6629.html
http://support.novell.com/security/cve/CVE-2013-6630.html
http://support.novell.com/security/cve/CVE-2013-6631.html
http://support.novell.com/security/cve/CVE-2013-6632.html
https://bugzilla.novell.com/849715
https://bugzilla.novell.com/850430
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2013:1750-1: important: Security update for Real Time Linux Kernel
by opensuse-security@opensuse.org 22 Nov '13
by opensuse-security@opensuse.org 22 Nov '13
22 Nov '13
SUSE Security Update: Security update for Real Time Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2013:1750-1
Rating: important
References: #754690 #763463 #794824 #797526 #800875 #804950
#808079 #816099 #820848 #821259 #821465 #821948
#822433 #822942 #825291 #826102 #827246 #827416
#827966 #828714 #828894 #829682 #830985 #831029
#831143 #831380 #832292 #833097 #833151 #833321
#833588 #833635 #833820 #833858 #834204 #834600
#834905 #835094 #835189 #835684 #835930 #836218
#836347 #836801 #837372 #837596 #837741 #837803
#838346 #838448 #839407 #839973 #840830 #841050
#841094 #841402 #841498 #841656 #842057 #842063
#842604 #842820 #843429 #843445 #843642 #843645
#843732 #843753 #843950 #844513 #845352 #847319
Cross-References: CVE-2013-2206
Affected Products:
SUSE Linux Enterprise Real Time Extension 11 SP3
______________________________________________________________________________
An update that solves one vulnerability and has 71 fixes is
now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 Service Pack 3 RealTime
Extension kernel was updated to version 3.0.101 to fix
various bugs and security issues.
The following features have been added:
* Drivers: hv: Support handling multiple VMBUS versions
(FATE#314665).
* Drivers: hv: Save and export negotiated vmbus version
(FATE#314665).
* Drivers: hv: Move vmbus version definitions to
hyperv.h (FATE#314665).
The following security issue has been fixed:
* CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function
in net/sctp/sm_statefuns.c in the SCTP implementation in
the Linux kernel did not properly handle associations
during the processing of a duplicate COOKIE ECHO chunk,
which allowed remote attackers to cause a denial of service
(NULL pointer dereference and system crash) or possibly
have unspecified other impact via crafted SCTP traffic.
(bnc#826102)
The following non-security bugs have been fixed:
* kernel: sclp console hangs (bnc#841498, LTC#95711).
* kernel: allow program interruption filtering in user
space (bnc#837596, LTC#97332).
* Audit: do not print error when LSMs disabled
(bnc#842057).
* i2c: ismt: initialize DMA buffer (bnc#843753).
* powerpc/irq: Run softirqs off the top of the irq
stack (bnc#847319).
* softirq: reduce latencies (bnc#797526).
* softirq: Fix lockup related to stop_machine being
stuck in __do_softirq (bnc#797526).
* thp: reduce khugepaged freezing latency (khugepaged
blocking suspend-to-ram (bnc#825291)).
* X.509: Remove certificate date checks (bnc#841656).
* splice: fix racy pipe->buffers uses (bnc#827246).
* blktrace: fix race with open trace files and
directory removal (bnc#832292).
* writeback: Do not sync data dirtied after sync start
(bnc#833820).
* elousb: some systems cannot stomach work around
(bnc#840830).
* bounce: allow use of bounce pool via config option
(Bounce memory pool initialisation (bnc#836347)).
* block: initialize the bounce pool if high memory may
be added later (Bounce memory pool initialization
(bnc#836347)).
* config/debug: Enable FSCACHE_DEBUG and
CACHEFILES_DEBUG (bnc#837372).
* xhci: Fix spurious wakeups after S5 on Haswell
(bnc#833097).
* cio: add message for timeouts on internal I/O
(bnc#837741,LTC#97048).
* elousb: some systems cannot stomach work around
(bnc#830985).
* s390/cio: handle unknown pgroup state
(bnc#837741,LTC#97048).
* s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).
* s390/cio: skip broken paths (bnc#837741,LTC#97048).
* s390/cio: dont abort verification after missing irq
(bnc#837741,LTC#97048).
* bio-integrity: track owner of integrity payload
(bnc#831380).
* iommu/vt-d: add quirk for broken interrupt remapping
on 55XX chipsets (bnc#844513).
* x86/iommu/vt-d: Expand interrupt remapping quirk to
cover x58 chipset (bnc#844513).
* iommu/vt-d: Only warn about broken interrupt
remapping (bnc#844513).
* iommu: Remove stack trace from broken irq remapping
warning (bnc#844513).
* intel-iommu: Fix leaks in pagetable freeing
(bnc#841402).
* mm: Do not walk all of system memory during show_mem
(Reduce tasklist_lock hold times (bnc#821259)).
* mm, memcg: introduce own oom handler to iterate only
over its own threads.
* mm, memcg: move all oom handling to memcontrol.c.
* mm, oom: avoid looping when chosen thread detaches
its mm.
* mm, oom: fold oom_kill_task() into oom_kill_process().
* mm, oom: introduce helper function to process threads
during scan.
* mm, oom: reduce dependency on tasklist_lock. (Reduce
tasklist_lock hold times (bnc#821259).
* mm: vmscan: Do not continue scanning if reclaim was
aborted for compaction (Limit reclaim in the preserve of IO
(bnc#754690)).
* mm: vmscan: take page buffers dirty and locked state
into account (Limit reclaim in the preserve of IO
(bnc#754690)).
* mm: vmscan: treat pages marked for immediate reclaim
as zone congestion (Limit reclaim in the preserve of IO
(bnc#754690)).
* mm: vmscan: move direct reclaim wait_iff_congested
into shrink_list (Limit reclaim in the preserve of IO
(bnc#754690)).
* mm: vmscan: set zone flags before blocking (Limit
reclaim in the preserve of IO (bnc#754690)).
* mm: vmscan: stall page reclaim after a list of pages
have been processed (Limit reclaim in the preserve of IO
(bnc#754690)).
* mm: vmscan: stall page reclaim and writeback pages
based on dirty/writepage pages encountered (Limit reclaim
in the reserve of IO (bnc#754690)).
* mm/pagewalk.c: walk_page_range should avoid VM_PFNMAP
areas (bnc#822942).
* Update EC2 config files (STRICT_DEVMEM off,
bnc#843732).
* Fixed Xen guest freezes (bnc#829682, bnc#842063).
* rcu: Do not trigger false positive RCU stall
detection (bnc#834204).
* libata: Set proper SK when CK_COND is set
(bnc#833588).
* libata: Set proper Sense Key for Check Condition
(bnc#833588).
* lib/radix-tree.c: make radix_tree_node_alloc() work
correctly within interrupt (bnc#763463).
* md: Throttle number of pending write requests in
md/raid10 (bnc#833858).
* dm: ignore merge_bvec for snapshots when safe
(bnc#820848).
* fs: do_add_mount()/umount -l races (bnc#836801).
* SUNRPC: close a rare race in xs_tcp_setup_socket
(bnc#794824).
* NFS: make nfs_flush_incompatible more generous
(bnc#816099).
* NFS: don't try to use lock state when we hold a
delegation (bnc#831029).
* NFS: nfs_lookup_revalidate(): fix a leak (bnc#828894).
* cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields
(bnc#804950).
* xfs: growfs: use uncached buffers for new headers
(bnc#842604).
* xfs: avoid double-free in xfs_attr_node_addname.
* xfs: Check the return value of xfs_buf_get()
(bnc#842604).
* cifs: revalidate directories instiantiated via FIND_*
in order to handle DFS referrals (bnc#831143).
* cifs: don't instantiate new dentries in readdir for
inodes that need to be revalidated immediately (bnc#831143).
* cifs: rename cifs_readdir_lookup to cifs_prime_dcache
and make it void return (bnc#831143).
* cifs: get rid of blind d_drop() in readdir
(bnc#831143).
* cifs: cleanup cifs_filldir (bnc#831143).
* cifs: on send failure, readjust server sequence
number downward (bnc#827966).
* cifs: adjust sequence number downward after signing
NT_CANCEL request (bnc#827966).
* cifs: on send failure, readjust server sequence
number downward (bnc#827966).
* cifs: adjust sequence number downward after signing
NT_CANCEL request (bnc#827966).
* reiserfs: fix race with flush_used_journal_lists and
flush_journal_list (bnc#837803).
* reiserfs: remove useless flush_old_journal_lists.
* mvsas: add support for 9480 device id (bnc#843950).
* drm/i915: Disable GGTT PTEs on GEN6+ suspend
(bnc#800875).
* drm/i915/hsw: Disable L3 caching of atomic memory
operations (bnc#800875).
* r8169: fix argument in rtl_hw_init_8168g
(bnc#845352,bnc#842820).
* r8169: support RTL8168G (bnc#845352,bnc#842820).
* r8169: abstract out loop conditions
(bnc#845352,bnc#842820).
* r8169: mdio_ops signature change
(bnc#845352,bnc#842820).
* megaraid_sas: Disable controller reset for ppc
(bnc#841050).
* scsi_dh_alua: simplify alua_check_sense()
(bnc#843642).
* scsi_dh_alua: Fix missing close brace in
alua_check_sense (bnc#843642).
* scsi_dh_alua: retry command on 'mode parameter
changed' sense code (bnc#843645).
* scsi_dh_alua: invalid state information for
'optimized' paths (bnc#843445).
* scsi_dh_alua: reattaching device handler fails with
'Error 15' (bnc#843429).
* iscsi: don't hang in endless loop if no targets
present (bnc#841094).
* scsi_dh_alua: Allow get_alua_data() to return NULL
(bnc#839407).
* quirks: add touchscreen that is dazzeled by remote
wakeup (bnc#835930).
* bnx2x: Change to D3hot only on removal (bnc#838448).
* tty/hvc_iucv: Disconnect IUCV connection when
lowering DTR (bnc#839973,LTC#97595).
* tty/hvc_console: Add DTR/RTS callback to handle HUPCL
control (bnc#839973,LTC#97595).
* series.conf: disable XHCI ring expansion patches
because on machines with large memory they cause a
starvation problem (bnc#833635)
* Drivers: hv: util: Fix a bug in version negotiation
code for util services (bnc#828714).
* Drivers: hv: util: Correctly support ws2008R2 and
earlier (bnc#838346).
* Drivers: hv: vmbus: Do not attempt to negoatiate a
new version prematurely.
* Drivers: hv: util: Correctly support ws2008R2 and
earlier (bnc#838346).
* Drivers: hv: vmbus: Terminate vmbus version
negotiation on timeout.
* Drivers: hv: util: Fix a bug in version negotiation
code for util services (bnc#828714).
* Drivers: hv: balloon: Initialize the transaction ID
just before sending the packet.
* Drivers: hv: remove HV_DRV_VERSION.
* Drivers: hv: vmbus: Fix a bug in the handling of
channel offers.
* Drivers: hv: util: Fix a bug in util version
negotiation code (bnc#838346).
* mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in
mlx4_ib_create_qp() (bnc#822433).
* drm/i915: disable sound first on intel_disable_ddi
(bnc#833151).
* ALSA: hda - Re-setup HDMI pin and audio infoframe on
stream switches (bnc#833151).
* drm/i915: HDMI/DP - ELD info refresh support for
Haswell (bnc#833151).
* drm/cirrus: This is a cirrus version of Egbert Eich's
patch for mgag200 (bnc#808079).
* vmxnet3: prevent div-by-zero panic when ring resizing
uninitialized dev (bnc#833321).
* net/mlx4_en: Fix BlueFlame race (bnc#835684).
* be2net: Check for POST state in suspend-resume
sequence (bnc#835189).
* be2net: bug fix on returning an invalid nic
descriptor (bnc#835189).
* be2net: provision VF resources before enabling SR-IOV
(bnc#835189).
* be2net: Fix firmware download for Lancer (bnc#835189).
* be2net: Fix to use version 2 of cq_create for
SkyHawk-R devices (bnc#835189).
* be2net: Use GET_FUNCTION_CONFIG V1 cmd (bnc#835189).
* be2net: Avoid flashing BE3 UFI on BE3-R chip
(bnc#835189).
* be2net: Use TXQ_CREATE_V2 cmd (bnc#835189).
* ipv6: don't call fib6_run_gc() until routing is ready
(bnc#836218).
* ipv6: prevent fib6_run_gc() contention (bnc#797526).
* ipv6: update ip6_rt_last_gc every time GC is run
(bnc#797526).
* netfilter: nf_conntrack: use RCU safe kfree for
conntrack extensions (bnc#827416 bko#60853
bugzilla.netfilter.org:714).
* netfilter: prevent race condition breaking net
reference counting (bnc#835094).
* sctp: deal with multiple COOKIE_ECHO chunks
(bnc#826102).
* net: remove skb_orphan_try() (bnc#834600).
* bonding: check bond->vlgrp in bond_vlan_rx_kill_vid()
(bnc#834905).
* tools: hv: Improve error logging in VSS daemon.
* tools: hv: Check return value of poll call.
* tools: hv: Check return value of setsockopt call.
* Tools: hv: fix send/recv buffer allocation.
* Tools: hv: check return value of daemon to fix
compiler warning.
* Tools: hv: in kvp_set_ip_info free mac_addr right
after usage.
* Tools: hv: check return value of system in
hv_kvp_daemon.
* Tools: hv: correct payload size in netlink_send.
* Tools: hv: use full nlmsghdr in netlink_send.
* rpm/old-flavors, rpm/mkspec: Add version information
to obsolete flavors (bnc#821465).
* rpm/kernel-binary.spec.in: Move the xenpae obsolete
to the old-flavors file.
* rpm/old-flavors: Convert the old-packages.conf file
to a flat list.
* rpm/old-packages.conf: Drop bogus obsoletes for "smp"
(bnc#821465).
* rpm/kernel-binary.spec.in: Make sure that all KMP
obsoletes are versioned (bnc#821465).
* rpm/kernel-binary.spec.in: Remove unversioned
provides/obsoletes for packages that were only seen in
openSUSE releases up to 11.0. (bnc#821465).
* sched/workqueue: Only wake up idle workers if not
blocked on sleeping spin lock.
* genirq: Set irq thread to RT priority on creation.
* timers: prepare for full preemption improve.
* kernel/cpu: fix cpu down problem if kthread's cpu is
going down.
* kernel/hotplug: restore original cpu mask oncpu/down.
* drm/i915: drop trace_i915_gem_ring_dispatch on rt.
* rt,ntp: Move call to schedule_delayed_work() to
helper thread.
* hwlat-detector: Update hwlat_detector to add outer
loop detection.
* hwlat-detect/trace: Export trace_clock_local for
hwlat-detector.
* hwlat-detector: Use trace_clock_local if available.
* hwlat-detector: Use thread instead of stop machine.
* genirq: do not invoke the affinity callback via a
workqueue.
* Btrfs: fix negative qgroup tracking from owner
accounting (bnc#821948).
* Btrfs: add missing error checks to
add_data_references.
* Btrfs: change how we queue blocks for backref
checking.
* Btrfs: add missing error handling to read_tree_block.
* Btrfs: handle errors when doing slow caching.
* Btrfs: fix inode leak on kmalloc failure in
tree-log.c.
* Btrfs: don't ignore errors from
btrfs_run_delayed_items.
* Btrfs: fix oops when writing dirty qgroups to disk.
* Btrfs: do not clear our orphan item runtime flag on
eexist.
* Btrfs: remove ourselves from the cluster list under
lock.
* Btrfs: remove unnecessary ->s_umount in
cleaner_kthread().
* Btrfs: make the cleaner complete early when the fs is
going to be umounted.
* Btrfs: move the R/O check out of
btrfs_clean_one_deleted_snapshot().
* Btrfs: make the snap/subv deletion end more early
when the fs is R/O.
* Btrfs: optimize key searches in btrfs_search_slot.
* Btrfs: fix printing of non NULL terminated string.
* Btrfs: fix memory leak of orphan block rsv.
* Btrfs: don't miss inode ref items in
BTRFS_IOC_INO_LOOKUP.
* Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP
handler.
* Btrfs: fix the error handling wrt orphan items.
* Btrfs: don't allow a subvol to be deleted if it is
the default subovl.
* Btrfs: return ENOSPC when target space is full.
* Btrfs: don't bug_on when we fail when cleaning up
transactions.
* Btrfs: add missing mounting options in
btrfs_show_options().
* Btrfs: use u64 for subvolid when parsing mount
options.
* Btrfs: add sanity checks regarding to parsing mount
options.
* Btrfs: cleanup reloc roots properly on error.
* Btrfs: reset ret in record_one_backref.
* Btrfs: fix get set label blocking against balance.
* Btrfs: fall back to global reservation when removing
subvolumes.
* Btrfs: Release uuid_mutex for shrink during device
delete.
* Btrfs: update fixups from 3.11
* Btrfs: add ioctl to wait for qgroup rescan completion.
* Btrfs: remove useless copy in quota_ctl.
* Btrfs: do delay iput in sync_fs.
* Btrfs: fix estale with btrfs send.
* Btrfs: return error code in
btrfs_check_trunc_cache_free_space().
* Btrfs: dont do log_removal in insert_new_root.
* Btrfs: check if leaf's parent exists before pushing
items around.
* Btrfs: allow file data clone within a file.
* Btrfs: simplify unlink reservations.
* Btrfs: fix qgroup rescan resume on mount.
* Btrfs: do not pin while under spin lock.
* Btrfs: add some missing iput()'s in
btrfs_orphan_cleanup.
* Btrfs: put our inode if orphan cleanup fails.
* Btrfs: exclude logged extents before replying when we
are mixed.
* Btrfs: fix broken nocow after balance.
* Btrfs: wake up delayed ref flushing waiters on abort.
* Btrfs: stop waiting on current trans if we aborted.
* Btrfs: fix transaction throttling for delayed refs.
* Btrfs: free csums when we're done scrubbing an extent.
* Btrfs: unlock extent range on enospc in compressed
submit.
* Btrfs: stop using try_to_writeback_inodes_sb_nr to
flush delalloc.
* Btrfs: check if we can nocow if we don't have data
space.
* Btrfs: cleanup orphaned root orphan item.
* Btrfs: hold the tree mod lock in
__tree_mod_log_rewind.
* Btrfs: only do the tree_mod_log_free_eb if this is
our last ref.
* Btrfs: wait ordered range before doing direct io.
* Btrfs: update drop progress before stopping snapshot
dropping.
* Btrfs: fix lock leak when resuming snapshot deletion.
* Btrfs: re-add root to dead root list if we stop
dropping it.
* Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is
specified.
* Btrfs: fix a bug of snapshot-aware defrag to make it
work on partial extents.
* Btrfs: fix extent buffer leak after backref walking.
* Btrfs: do not offset physical if we're compressed.
* Btrfs: fix backref walking when we hit a compressed
extent.
* Btrfs: make sure the backref walker catches all refs
to our extent.
* Btrfs: release both paths before logging dir/changed
extents.
* Btrfs: add btrfs_fs_incompat helper.
* Btrfs: merge save_error_info helpers into one.
* Btrfs: clean up transaction abort messages.
* Btrfs: cleanup unused arguments of btrfs_csum_data.
* Btrfs: use helper to cleanup tree roots.
* Btrfs: share stop worker code.
* Btrfs: Cleanup some redundant codes in
btrfs_lookup_csums_range().
* Btrfs: clean snapshots one by one.
* Btrfs: deprecate subvolrootid mount option.
* Btrfs: make orphan cleanup less verbose.
* Btrfs: cover more error codes in btrfs_decode_error.
* Btrfs: make subvol creation/deletion killable in the
early stages.
* Btrfs: fix a warning when disabling quota.
* Btrfs: fix infinite loop when we abort on mount.
* Btrfs: compare relevant parts of delayed tree refs.
* Btrfs: kill some BUG_ONs() in the find_parent_nodes().
* Btrfs: fix double free in the iterate_extent_inodes().
* Btrfs: fix error handling in make/read block group.
* Btrfs: don't wait on ordered extents if we have a
trans open.
* Btrfs: log ram bytes properly.
* Btrfs: fix bad extent logging.
* Btrfs: improve the performance of the csums lookup.
* Btrfs: ignore device open failures in
__btrfs_open_devices.
* Btrfs: abort unlink trans in missed error case.
* Btrfs: creating the subvolume qgroup automatically
when enabling quota.
* Btrfs: introduce a mutex lock for btrfs quota
operations.
* Btrfs: remove some unnecessary spin_lock usages.
* Btrfs: fix missing check before creating a qgroup
relation.
* Btrfs: fix missing check in the
btrfs_qgroup_inherit().
* Btrfs: fix a warning when updating qgroup limit.
* Btrfs: use tree_root to avoid edquot when disabling
quota.
* Btrfs: remove some BUG_ONs() when walking backref
tree.
* Btrfs: make __merge_refs() return type be void.
* Btrfs: add a rb_tree to improve performance of ulist
search.
* Btrfs: fix unblocked autodefraggers when remount.
* Btrfs: fix tree mod log regression on root split
operations.
* Btrfs: fix accessing the root pointer in tree mod log
functions.
* Btrfs: fix unlock after free on rewinded tree blocks.
* Btrfs: do not continue if out of memory happens.
* Btrfs: fix confusing edquot happening case.
* Btrfs: remove unused argument of fixup_low_keys().
* Btrfs: fix reada debug code compilation.
* Btrfs: return error when we specify wrong start to
defrag.
* Btrfs: don't force pages under writeback to finish
when aborting.
* Btrfs: clear received_uuid field for new writable
snapshots.
* Btrfs: fix missing check about ulist_add() in
qgroup.c.
* Btrfs: add all ioctl checks before user change for
quota operations.
* Btrfs: fix lockdep warning.
* Btrfs: fix possible infinite loop in slow caching.
* Btrfs: use REQ_META for all metadata IO.
* Btrfs: deal with bad mappings in btrfs_map_block.
* Btrfs: don't call readahead hook until we have read
the entire eb.
* Btrfs: don't BUG_ON() in btrfs_num_copies.
* Btrfs: don't try and free ebs twice in log replay.
* Btrfs: add tree block level sanity check.
* Btrfs: only exclude supers in the range of our block
group.
* Btrfs: fix all callers of read_tree_block.
* Btrfs: fix extent logging with O_DIRECT into prealloc.
* Btrfs: cleanup fs roots if we fail to mount.
* Btrfs: don't panic if we're trying to drop too many
refs.
* Btrfs: check return value of commit when recovering
log.
* Btrfs: cleanup destroy_marked_extents.
* Btrfs: various abort cleanups.
* Btrfs: fix error handling in btrfs_ioctl_send().
* Btrfs: set UUID in root_item for created trees.
* Btrfs: return free space in cow error path.
* Btrfs: separate sequence numbers for delayed ref
tracking and tree mod log.
* Btrfs: allocate new chunks if the space is not enough
for global rsv.
* Btrfs: split btrfs_qgroup_account_ref into four
functions (FATE#312751).
* Btrfs: rescan for qgroups (FATE#312751).
* Btrfs: automatic rescan after "quota enable" command
(FATE#312751).
* Btrfs: deal with free space cache errors while
replaying log.
* Btrfs: remove almost all of the BUG()'s from
tree-log.c.
* Btrfs: deal with errors in write_dev_supers.
* Btrfs: make static code static & remove dead code.
* Btrfs: handle errors returned from get_tree_block_key.
* Btrfs: remove unused gfp mask parameter from
release_extent_buffer callchain.
* Btrfs: read entire device info under lock.
* Btrfs: improve the loop of scrub_stripe.
* Btrfs: use unsigned long type for extent state bits.
* Btrfs: enhance superblock checks.
* Btrfs: allow superblock mismatch from older mkfs.
* Btrfs: annotate quota tree for lockdep.
* Btrfs: fix off-by-one in fiemap.
* Btrfs: don't stop searching after encountering the
wrong item.
* Btrfs: don't null pointer deref on abort.
* Btrfs: remove warn on in free space cache writeout.
* Btrfs: fix possible memory leak in the
find_parent_nodes().
* Btrfs: fix possible memory leak in replace_path().
* Btrfs: don't abort the current transaction if there
is no enough space for inode cache.
* Btrfs: don't use global block reservation for inode
cache truncation.
* Btrfs: optimize the error handle of use_block_rsv().
* Btrfs: don't steal the reserved space from the global
reserve if their space type is different.
* Btrfs: update the global reserve if it is empty.
* Btrfs: return errno if possible when we fail to
allocate memory.
* Btrfs: fix accessing a freed tree root.
* Btrfs: fix unprotected root node of the subvolume's
inode rb-tree.
* Btrfs: pause the space balance when remounting to R/O.
* Btrfs: remove BUG_ON() in
btrfs_read_fs_tree_no_radix().
* Btrfs: don't invoke btrfs_invalidate_inodes() in the
spin lock context.
* Btrfs: do away with non-whole_page extent I/O.
* Btrfs: explicitly use global_block_rsv for quota_tree.
* Btrfs: make sure roots are assigned before freeing
their nodes.
* Btrfs: don't delete fs_roots until after we cleanup
the transaction.
* Btrfs: Drop inode if inode root is NULL.
* Btrfs: init relocate extent_io_tree with a mapping.
* Btrfs: fix use-after-free bug during umount.
* Btrfs: stop all workers before cleaning up roots.
* Btrfs: add log message stubs.
Security Issues:
* CVE-2013-2206
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206
>
Indications:
Everyone using the Real Time Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Real Time Extension 11 SP3:
zypper in -t patch slertesp3-kernel-8544
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Real Time Extension 11 SP3 (x86_64) [New Version: 3.0.101.rt130]:
cluster-network-kmp-rt-1.4_3.0.101_rt130_0.8-2.27.24
cluster-network-kmp-rt_trace-1.4_3.0.101_rt130_0.8-2.27.24
drbd-kmp-rt-8.4.4_3.0.101_rt130_0.8-0.18.8
drbd-kmp-rt_trace-8.4.4_3.0.101_rt130_0.8-0.18.8
iscsitarget-kmp-rt-1.4.20_3.0.101_rt130_0.8-0.38.9
iscsitarget-kmp-rt_trace-1.4.20_3.0.101_rt130_0.8-0.38.9
kernel-rt-3.0.101.rt130-0.8.3
kernel-rt-base-3.0.101.rt130-0.8.3
kernel-rt-devel-3.0.101.rt130-0.8.3
kernel-rt_trace-3.0.101.rt130-0.8.3
kernel-rt_trace-base-3.0.101.rt130-0.8.3
kernel-rt_trace-devel-3.0.101.rt130-0.8.3
kernel-source-rt-3.0.101.rt130-0.8.1
kernel-syms-rt-3.0.101.rt130-0.8.1
lttng-modules-kmp-rt-2.1.1_3.0.101_rt130_0.8-0.11.11
lttng-modules-kmp-rt_trace-2.1.1_3.0.101_rt130_0.8-0.11.11
ocfs2-kmp-rt-1.6_3.0.101_rt130_0.8-0.20.24
ocfs2-kmp-rt_trace-1.6_3.0.101_rt130_0.8-0.20.24
ofed-kmp-rt-1.5.4.1_3.0.101_rt130_0.8-0.13.15
ofed-kmp-rt_trace-1.5.4.1_3.0.101_rt130_0.8-0.13.15
References:
http://support.novell.com/security/cve/CVE-2013-2206.html
https://bugzilla.novell.com/754690
https://bugzilla.novell.com/763463
https://bugzilla.novell.com/794824
https://bugzilla.novell.com/797526
https://bugzilla.novell.com/800875
https://bugzilla.novell.com/804950
https://bugzilla.novell.com/808079
https://bugzilla.novell.com/816099
https://bugzilla.novell.com/820848
https://bugzilla.novell.com/821259
https://bugzilla.novell.com/821465
https://bugzilla.novell.com/821948
https://bugzilla.novell.com/822433
https://bugzilla.novell.com/822942
https://bugzilla.novell.com/825291
https://bugzilla.novell.com/826102
https://bugzilla.novell.com/827246
https://bugzilla.novell.com/827416
https://bugzilla.novell.com/827966
https://bugzilla.novell.com/828714
https://bugzilla.novell.com/828894
https://bugzilla.novell.com/829682
https://bugzilla.novell.com/830985
https://bugzilla.novell.com/831029
https://bugzilla.novell.com/831143
https://bugzilla.novell.com/831380
https://bugzilla.novell.com/832292
https://bugzilla.novell.com/833097
https://bugzilla.novell.com/833151
https://bugzilla.novell.com/833321
https://bugzilla.novell.com/833588
https://bugzilla.novell.com/833635
https://bugzilla.novell.com/833820
https://bugzilla.novell.com/833858
https://bugzilla.novell.com/834204
https://bugzilla.novell.com/834600
https://bugzilla.novell.com/834905
https://bugzilla.novell.com/835094
https://bugzilla.novell.com/835189
https://bugzilla.novell.com/835684
https://bugzilla.novell.com/835930
https://bugzilla.novell.com/836218
https://bugzilla.novell.com/836347
https://bugzilla.novell.com/836801
https://bugzilla.novell.com/837372
https://bugzilla.novell.com/837596
https://bugzilla.novell.com/837741
https://bugzilla.novell.com/837803
https://bugzilla.novell.com/838346
https://bugzilla.novell.com/838448
https://bugzilla.novell.com/839407
https://bugzilla.novell.com/839973
https://bugzilla.novell.com/840830
https://bugzilla.novell.com/841050
https://bugzilla.novell.com/841094
https://bugzilla.novell.com/841402
https://bugzilla.novell.com/841498
https://bugzilla.novell.com/841656
https://bugzilla.novell.com/842057
https://bugzilla.novell.com/842063
https://bugzilla.novell.com/842604
https://bugzilla.novell.com/842820
https://bugzilla.novell.com/843429
https://bugzilla.novell.com/843445
https://bugzilla.novell.com/843642
https://bugzilla.novell.com/843645
https://bugzilla.novell.com/843732
https://bugzilla.novell.com/843753
https://bugzilla.novell.com/843950
https://bugzilla.novell.com/844513
https://bugzilla.novell.com/845352
https://bugzilla.novell.com/847319
http://download.novell.com/patch/finder/?keywords=a82ba878ac66780ee782fc723…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2013:1749-1: important: Security update for Linux kernel
by opensuse-security@opensuse.org 22 Nov '13
by opensuse-security@opensuse.org 22 Nov '13
22 Nov '13
SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2013:1749-1
Rating: important
References: #763463 #794824 #797526 #800875 #804950 #808079
#816099 #820848 #821259 #821465 #821948 #822433
#825291 #826102 #827246 #827416 #827966 #828714
#828894 #829682 #830985 #831029 #831143 #831380
#832292 #833097 #833151 #833321 #833588 #833635
#833820 #833858 #834204 #834600 #834905 #835094
#835189 #835684 #835930 #836218 #836347 #836801
#837372 #837596 #837741 #837803 #838346 #838448
#839407 #839973 #840830 #841050 #841094 #841402
#841498 #841656 #842057 #842063 #842604 #842820
#843429 #843445 #843642 #843645 #843732 #843753
#843950 #844513 #845352 #847319 #847721
Cross-References: CVE-2013-2206
Affected Products:
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise High Availability Extension 11 SP3
SUSE Linux Enterprise Desktop 11 SP3
SLE 11 SERVER Unsupported Extras
______________________________________________________________________________
An update that solves one vulnerability and has 70 fixes is
now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 Service Pack 3 kernel was
updated to version 3.0.101 and also includes various other
bug and security fixes.
The following features have been added:
* Drivers: hv: Support handling multiple VMBUS versions
(FATE#314665).
* Drivers: hv: Save and export negotiated vmbus version
(FATE#314665).
* Drivers: hv: Move vmbus version definitions to
hyperv.h (FATE#314665).
The following security issue has been fixed:
* CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function
in net/sctp/sm_statefuns.c in the SCTP implementation in
the Linux kernel did not properly handle associations
during the processing of a duplicate COOKIE ECHO chunk,
which allowed remote attackers to cause a denial of service
(NULL pointer dereference and system crash) or possibly
have unspecified other impact via crafted SCTP traffic.
(bnc#826102)
The following non-security bugs have been fixed:
* mm, memcg: introduce own oom handler to iterate only
over its own threads.
* mm, memcg: move all oom handling to memcontrol.c.
* mm, oom: avoid looping when chosen thread detaches
its mm.
* mm, oom: fold oom_kill_task() into oom_kill_process().
* mm, oom: introduce helper function to process threads
during scan.
* mm, oom: reduce dependency on tasklist_lock (Reduce
tasklist_lock hold times) (bnc#821259).
* mm: do not walk all of system memory during show_mem
(Reduce tasklist_lock hold times) (bnc#821259).
* iommu/vt-d: add quirk for broken interrupt remapping
on 55XX chipsets (bnc#844513).
* x86/iommu/vt-d: Expand interrupt remapping quirk to
cover x58 chipset (bnc#844513).
* iommu/vt-d: Only warn about broken interrupt
remapping (bnc#844513).
* iommu: Remove stack trace from broken irq remapping
warning (bnc#844513).
* intel-iommu: Fix leaks in pagetable freeing
(bnc#841402).
* Revert aer_recover_queue() __GENKSYMS__ hack, add a
fake symset with the previous value instead (bnc#847721).
* i2c: ismt: initialize DMA buffer (bnc#843753).
* powerpc/irq: Run softirqs off the top of the irq
stack (bnc#847319).
* quirks: add touchscreen that is dazzeled by remote
wakeup (bnc#835930).
* kernel: sclp console hangs (bnc#841498, LTC#95711).
* tty/hvc_iucv: Disconnect IUCV connection when
lowering DTR (bnc#839973,LTC#97595).
* tty/hvc_console: Add DTR/RTS callback to handle HUPCL
control (bnc#839973,LTC#97595).
* softirq: reduce latencies (bnc#797526).
* X.509: Remove certificate date checks (bnc#841656).
* config/debug: Enable FSCACHE_DEBUG and
CACHEFILES_DEBUG (bnc#837372).
* splice: fix racy pipe->buffers uses (bnc#827246).
* blktrace: fix race with open trace files and
directory removal (bnc#832292).
* rcu: Do not trigger false positive RCU stall
detection (bnc#834204).
* kernel: allow program interruption filtering in user
space (bnc#837596, LTC#97332).
* Audit: do not print error when LSMs disabled
(bnc#842057).
* SUNRPC: close a rare race in xs_tcp_setup_socket
(bnc#794824).
* Btrfs: fix negative qgroup tracking from owner
accounting (bnc#821948).
* cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields
(bnc#804950).
* NFS: make nfs_flush_incompatible more generous
(bnc#816099).
* xfs: growfs: use uncached buffers for new headers
(bnc#842604).
* NFS: do not try to use lock state when we hold a
delegation (bnc#831029).
* NFS: nfs_lookup_revalidate(): fix a leak (bnc#828894).
* fs: do_add_mount()/umount -l races (bnc#836801).
* xfs: avoid double-free in xfs_attr_node_addname.
* xfs: Check the return value of xfs_buf_get()
(bnc#842604).
* iscsi: do not hang in endless loop if no targets
present (bnc#841094).
* scsi_dh_alua: Allow get_alua_data() to return NULL
(bnc#839407).
* cifs: revalidate directories instiantiated via FIND_
in order to handle DFS referrals (bnc#831143).
* cifs: do not instantiate new dentries in readdir for
inodes that need to be revalidated immediately (bnc#831143).
* cifs: rename cifs_readdir_lookup to cifs_prime_dcache
and make it void return (bnc#831143).
* cifs: get rid of blind d_drop() in readdir
(bnc#831143).
* cifs: cleanup cifs_filldir (bnc#831143).
* cifs: on send failure, readjust server sequence
number downward (bnc#827966).
* cifs: adjust sequence number downward after signing
NT_CANCEL request (bnc#827966).
* cifs: on send failure, readjust server sequence
number downward (bnc#827966).
* cifs: adjust sequence number downward after signing
NT_CANCEL request (bnc#827966).
* reiserfs: fix race with flush_used_journal_lists and
flush_journal_list (bnc#837803).
* reiserfs: remove useless flush_old_journal_lists.
* lib/radix-tree.c: make radix_tree_node_alloc() work
correctly within interrupt (bnc#763463).
* md: Throttle number of pending write requests in
md/raid10 (bnc#833858).
* dm: ignore merge_bvec for snapshots when safe
(bnc#820848).
* ata: Set proper SK when CK_COND is set (bnc#833588).
* Btrfs: abort unlink trans in missed error case.
* Btrfs: add all ioctl checks before user change for
quota operations.
* Btrfs: add a rb_tree to improve performance of ulist
search.
* Btrfs: add btrfs_fs_incompat helper.
* Btrfs: add ioctl to wait for qgroup rescan completion.
* Btrfs: add log message stubs.
* Btrfs: add missing error checks to
add_data_references.
* Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP
handler.
* Btrfs: add missing error handling to read_tree_block.
* Btrfs: add missing mounting options in
btrfs_show_options().
* Btrfs: add sanity checks regarding to parsing mount
options.
* Btrfs: add some missing iput()s in
btrfs_orphan_cleanup.
* Btrfs: add tree block level sanity check.
* Btrfs: allocate new chunks if the space is not enough
for global rsv.
* Btrfs: allow file data clone within a file.
* Btrfs: allow superblock mismatch from older mkfs.
* Btrfs: annotate quota tree for lockdep.
* Btrfs: automatic rescan after "quota enable" command
(FATE#312751).
* Btrfs: change how we queue blocks for backref
checking.
* Btrfs: check if leafs parent exists before pushing
items around.
* Btrfs: check if we can nocow if we do not have data
space.
* Btrfs: check return value of commit when recovering
log.
* Btrfs: clean snapshots one by one.
* Btrfs: cleanup destroy_marked_extents.
* Btrfs: cleanup fs roots if we fail to mount.
* Btrfs: cleanup orphaned root orphan item.
* Btrfs: cleanup reloc roots properly on error.
* Btrfs: Cleanup some redundant codes in
btrfs_lookup_csums_range().
* Btrfs: clean up transaction abort messages.
* Btrfs: cleanup unused arguments of btrfs_csum_data.
* Btrfs: clear received_uuid field for new writable
snapshots.
* Btrfs: compare relevant parts of delayed tree refs.
* Btrfs: cover more error codes in btrfs_decode_error.
* Btrfs: creating the subvolume qgroup automatically
when enabling quota.
* Btrfs: deal with bad mappings in btrfs_map_block.
* Btrfs: deal with errors in write_dev_supers.
* Btrfs: deal with free space cache errors while
replaying log.
* Btrfs: deprecate subvolrootid mount option.
* Btrfs: do away with non-whole_page extent I/O.
* Btrfs: do delay iput in sync_fs.
* Btrfs: do not clear our orphan item runtime flag on
eexist.
* Btrfs: do not continue if out of memory happens.
* Btrfs: do not offset physical if we are compressed.
* Btrfs: do not pin while under spin lock.
* Btrfs: do not abort the current transaction if there
is no enough space for inode cache.
* Btrfs: do not allow a subvol to be deleted if it is
the default subovl.
* Btrfs: do not BUG_ON() in btrfs_num_copies.
* Btrfs: do not bug_on when we fail when cleaning up
transactions.
* Btrfs: do not call readahead hook until we have read
the entire eb.
* Btrfs: do not delete fs_roots until after we cleanup
the transaction.
* Btrfs: dont do log_removal in insert_new_root.
* Btrfs: do not force pages under writeback to finish
when aborting.
* Btrfs: do not ignore errors from
btrfs_run_delayed_items.
* Btrfs: do not invoke btrfs_invalidate_inodes() in the
spin lock context.
* Btrfs: do not miss inode ref items in
BTRFS_IOC_INO_LOOKUP.
* Btrfs: do not null pointer deref on abort.
* Btrfs: do not panic if we are trying to drop too many
refs.
* Btrfs: do not steal the reserved space from the
global reserve if their space type is different.
* Btrfs: do not stop searching after encountering the
wrong item.
* Btrfs: do not try and free ebs twice in log replay.
* Btrfs: do not use global block reservation for inode
cache truncation.
* Btrfs: do not wait on ordered extents if we have a
trans open.
* Btrfs: Drop inode if inode root is NULL.
* Btrfs: enhance superblock checks.
* Btrfs: exclude logged extents before replying when we
are mixed.
* Btrfs: explicitly use global_block_rsv for quota_tree.
* Btrfs: fall back to global reservation when removing
subvolumes.
* Btrfs: fix a bug of snapshot-aware defrag to make it
work on partial extents.
* Btrfs: fix accessing a freed tree root.
* Btrfs: fix accessing the root pointer in tree mod log
functions.
* Btrfs: fix all callers of read_tree_block.
* Btrfs: fix a warning when disabling quota.
* Btrfs: fix a warning when updating qgroup limit.
* Btrfs: fix backref walking when we hit a compressed
extent.
* Btrfs: fix bad extent logging.
* Btrfs: fix broken nocow after balance.
* Btrfs: fix confusing edquot happening case.
* Btrfs: fix double free in the iterate_extent_inodes().
* Btrfs: fix error handling in btrfs_ioctl_send().
* Btrfs: fix error handling in make/read block group.
* Btrfs: fix estale with btrfs send.
* Btrfs: fix extent buffer leak after backref walking.
* Btrfs: fix extent logging with O_DIRECT into prealloc.
* Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is
specified.
* Btrfs: fix get set label blocking against balance.
* Btrfs: fix infinite loop when we abort on mount.
* Btrfs: fix inode leak on kmalloc failure in
tree-log.c.
* Btrfs: fix lockdep warning.
* Btrfs: fix lock leak when resuming snapshot deletion.
* Btrfs: fix memory leak of orphan block rsv.
* Btrfs: fix missing check about ulist_add() in
qgroup.c.
* Btrfs: fix missing check before creating a qgroup
relation.
* Btrfs: fix missing check in the
btrfs_qgroup_inherit().
* Btrfs: fix off-by-one in fiemap.
* Btrfs: fix oops when writing dirty qgroups to disk.
* Btrfs: fix possible infinite loop in slow caching.
* Btrfs: fix possible memory leak in replace_path().
* Btrfs: fix possible memory leak in the
find_parent_nodes().
* Btrfs: fix printing of non NULL terminated string.
* Btrfs: fix qgroup rescan resume on mount.
* Btrfs: fix reada debug code compilation.
* Btrfs: fix the error handling wrt orphan items.
* Btrfs: fix transaction throttling for delayed refs.
* Btrfs: fix tree mod log regression on root split
operations.
* Btrfs: fix unblocked autodefraggers when remount.
* Btrfs: fix unlock after free on rewinded tree blocks.
* Btrfs: fix unprotected root node of the subvolumes
inode rb-tree.
* Btrfs: fix use-after-free bug during umount.
* Btrfs: free csums when we are done scrubbing an
extent.
* Btrfs: handle errors returned from get_tree_block_key.
* Btrfs: handle errors when doing slow caching.
* Btrfs: hold the tree mod lock in
__tree_mod_log_rewind.
* Btrfs: ignore device open failures in
__btrfs_open_devices.
* Btrfs: improve the loop of scrub_stripe.
* Btrfs: improve the performance of the csums lookup.
* Btrfs: init relocate extent_io_tree with a mapping.
* Btrfs: introduce a mutex lock for btrfs quota
operations.
* Btrfs: kill some BUG_ONs() in the find_parent_nodes().
* Btrfs: log ram bytes properly.
* Btrfs: make __merge_refs() return type be void.
* Btrfs: make orphan cleanup less verbose.
* Btrfs: make static code static & remove dead code.
* Btrfs: make subvol creation/deletion killable in the
early stages.
* Btrfs: make sure roots are assigned before freeing
their nodes.
* Btrfs: make sure the backref walker catches all refs
to our extent.
* Btrfs: make the cleaner complete early when the fs is
going to be umounted.
* Btrfs: make the snap/subv deletion end more early
when the fs is R/O.
* Btrfs: merge save_error_info helpers into one.
* Btrfs: move the R/O check out of
btrfs_clean_one_deleted_snapshot().
* Btrfs: only do the tree_mod_log_free_eb if this is
our last ref.
* Btrfs: only exclude supers in the range of our block
group.
* Btrfs: optimize key searches in btrfs_search_slot.
* Btrfs: optimize the error handle of use_block_rsv().
* Btrfs: pause the space balance when remounting to R/O.
* Btrfs: put our inode if orphan cleanup fails.
* Btrfs: re-add root to dead root list if we stop
dropping it.
* Btrfs: read entire device info under lock.
* Btrfs: release both paths before logging dir/changed
extents.
* Btrfs: Release uuid_mutex for shrink during device
delete.
* Btrfs: remove almost all of the BUG()s from
tree-log.c.
* Btrfs: remove BUG_ON() in
btrfs_read_fs_tree_no_radix().
* Btrfs: remove ourselves from the cluster list under
lock.
* Btrfs: remove some BUG_ONs() when walking backref
tree.
* Btrfs: remove some unnecessary spin_lock usages.
* Btrfs: remove unnecessary ->s_umount in
cleaner_kthread().
* Btrfs: remove unused argument of fixup_low_keys().
* Btrfs: remove unused gfp mask parameter from
release_extent_buffer callchain.
* Btrfs: remove useless copy in quota_ctl.
* Btrfs: remove warn on in free space cache writeout.
* Btrfs: rescan for qgroups (FATE#312751).
* Btrfs: reset ret in record_one_backref.
* Btrfs: return ENOSPC when target space is full.
* Btrfs: return errno if possible when we fail to
allocate memory.
* Btrfs: return error code in
btrfs_check_trunc_cache_free_space().
* Btrfs: return error when we specify wrong start to
defrag.
* Btrfs: return free space in cow error path.
* Btrfs: separate sequence numbers for delayed ref
tracking and tree mod log.
* Btrfs: set UUID in root_item for created trees.
* Btrfs: share stop worker code.
* Btrfs: simplify unlink reservations.
* Btrfs: split btrfs_qgroup_account_ref into four
functions.
* Btrfs: stop all workers before cleaning up roots.
* Btrfs: stop using try_to_writeback_inodes_sb_nr to
flush delalloc.
* Btrfs: stop waiting on current trans if we aborted.
* Btrfs: unlock extent range on enospc in compressed
submit.
* Btrfs: update drop progress before stopping snapshot
dropping.
* Btrfs: update fixups from 3.11
* Btrfs: update the global reserve if it is empty.
* Btrfs: use helper to cleanup tree roots.
* Btrfs: use REQ_META for all metadata IO.
* Btrfs: use tree_root to avoid edquot when disabling
quota.
* Btrfs: use u64 for subvolid when parsing mount
options.
* Btrfs: use unsigned long type for extent state bits.
* Btrfs: various abort cleanups.
* Btrfs: wait ordered range before doing direct io.
* Btrfs: wake up delayed ref flushing waiters on abort.
* net/mlx4_en: Fix BlueFlame race (bnc#835684).
* ipv6: do not call fib6_run_gc() until routing is
ready (bnc#836218).
* ipv6: prevent fib6_run_gc() contention (bnc#797526).
* ipv6: update ip6_rt_last_gc every time GC is run
(bnc#797526).
* netfilter: nf_conntrack: use RCU safe kfree for
conntrack extensions (bnc#827416 bko#60853).
* netfilter: prevent race condition breaking net
reference counting (bnc#835094).
* net: remove skb_orphan_try() (bnc#834600).
* bonding: check bond->vlgrp in bond_vlan_rx_kill_vid()
(bnc#834905).
* sctp: deal with multiple COOKIE_ECHO chunks
(bnc#826102).
* mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in
mlx4_ib_create_qp() (bnc#822433).
* drm/i915: disable sound first on intel_disable_ddi
(bnc#833151).
* drm/i915: HDMI/DP - ELD info refresh support for
Haswell (bnc#833151).
* drm/cirrus: This is a cirrus version of Egbert Eichs
patch for mgag200 (bnc#808079).
* drm/i915: Disable GGTT PTEs on GEN6+ suspend
(bnc#800875).
* drm/i915/hsw: Disable L3 caching of atomic memory
operations (bnc#800875).
* ALSA: hda - Re-setup HDMI pin and audio infoframe on
stream switches (bnc#833151).
* vmxnet3: prevent div-by-zero panic when ring resizing
uninitialized dev (bnc#833321).
* mvsas: add support for 9480 device id (bnc#843950).
* r8169: fix argument in rtl_hw_init_8168g
(bnc#845352,bnc#842820).
* r8169: support RTL8168G (bnc#845352,bnc#842820).
* r8169: abstract out loop conditions
(bnc#845352,bnc#842820).
* r8169: mdio_ops signature change
(bnc#845352,bnc#842820).
* thp: reduce khugepaged freezing latency (khugepaged
blocking suspend-to-ram (bnc#825291)).
* bnx2x: Change to D3hot only on removal (bnc#838448).
* megaraid_sas: Disable controller reset for ppc
(bnc#841050).
* scsi_dh_alua: simplify alua_check_sense()
(bnc#843642).
* scsi_dh_alua: Fix missing close brace in
alua_check_sense (bnc#843642).
* scsi_dh_alua: retry command on "mode parameter
changed" sense code (bnc#843645).
* scsi_dh_alua: invalid state information for
"optimized" paths (bnc#843445).
* scsi_dh_alua: reattaching device handler fails with
"Error 15" (bnc#843429).
* Drivers: hv: util: Fix a bug in version negotiation
code for util services (bnc#828714).
* Drivers: hv: util: Correctly support ws2008R2 and
earlier (bnc#838346).
* Drivers: hv: vmbus: Do not attempt to negoatiate a
new version prematurely.
* Drivers: hv: util: Correctly support ws2008R2 and
earlier (bnc#838346).
* Drivers: hv: vmbus: Terminate vmbus version
negotiation on timeout.
* Drivers: hv: vmbus: Fix a bug in the handling of
channel offers.
* Drivers: hv: util: Fix a bug in version negotiation
code for util services (bnc#828714).
* Drivers: hv: balloon: Initialize the transaction ID
just before sending the packet.
* Drivers: hv: util: Fix a bug in util version
negotiation code (bnc#838346).
* be2net: Check for POST state in suspend-resume
sequence (bnc#835189).
* be2net: bug fix on returning an invalid nic
descriptor (bnc#835189).
* be2net: provision VF resources before enabling SR-IOV
(bnc#835189).
* be2net: Fix firmware download for Lancer (bnc#835189).
* be2net: Fix to use version 2 of cq_create for
SkyHawk-R devices (bnc#835189).
* be2net: Use GET_FUNCTION_CONFIG V1 cmd (bnc#835189).
* be2net: Avoid flashing BE3 UFI on BE3-R chip
(bnc#835189).
* be2net: Use TXQ_CREATE_V2 cmd (bnc#835189).
* writeback: Do not sync data dirtied after sync start
(bnc#833820).
* elousb: some systems cannot stomach work around
(bnc#840830,bnc#830985).
* bounce: allow use of bounce pool via config option
(Bounce memory pool initialisation (bnc#836347)).
* block: initialize the bounce pool if high memory may
be added later (Bounce memory pool initialisation
(bnc#836347)).
* bio-integrity: track owner of integrity payload
(bnc#831380).
* xhci: Fix spurious wakeups after S5 on Haswell
(bnc#833097).
* s390/cio: handle unknown pgroup state
(bnc#837741,LTC#97048).
* s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).
* s390/cio: skip broken paths (bnc#837741,LTC#97048).
* s390/cio: dont abort verification after missing irq
(bnc#837741,LTC#97048).
* cio: add message for timeouts on internal I/O
(bnc#837741,LTC#97048).
* series.conf: disable XHCI ring expansion patches
because on machines with large memory they cause a
starvation problem (bnc#833635).
* Update EC2 config files (STRICT_DEVMEM off,
bnc#843732).
* Fixed Xen guest freezes (bnc#829682, bnc#842063).
* tools: hv: Improve error logging in VSS daemon.
* tools: hv: Check return value of poll call.
* tools: hv: Check return value of setsockopt call.
* Tools: hv: fix send/recv buffer allocation.
* Tools: hv: check return value of daemon to fix
compiler warning.
* Tools: hv: in kvp_set_ip_info free mac_addr right
after usage.
* Tools: hv: check return value of system in
hv_kvp_daemon.
* Tools: hv: correct payload size in netlink_send.
* Tools: hv: use full nlmsghdr in netlink_send.
* rpm/old-flavors, rpm/mkspec: Add version information
to obsolete flavors (bnc#821465).
* rpm/kernel-binary.spec.in: Move the xenpae obsolete
to the old-flavors file.
* rpm/old-flavors: Convert the old-packages.conf file
to a flat list.
* rpm/mkspec: Adjust.
* rpm/old-packages.conf: Delete.
* rpm/old-packages.conf: Drop bogus obsoletes for "smp"
(bnc#821465).
* rpm/kernel-binary.spec.in: Make sure that all KMP
obsoletes are versioned (bnc#821465).
* rpm/kernel-binary.spec.in: Remove unversioned
provides/obsoletes for packages that were only seen in
openSUSE releases up to 11.0. (bnc#821465).
Security Issues:
* CVE-2013-2206
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206
>
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-kernel-8525 slessp3-kernel-8528
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-kernel-8522 slessp3-kernel-8523 slessp3-kernel-8524 slessp3-kernel-8525 slessp3-kernel-8528
- SUSE Linux Enterprise High Availability Extension 11 SP3:
zypper in -t patch slehasp3-kernel-8522 slehasp3-kernel-8523 slehasp3-kernel-8524 slehasp3-kernel-8525 slehasp3-kernel-8528
- SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-kernel-8525 sledsp3-kernel-8528
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.8.1
kernel-default-base-3.0.101-0.8.1
kernel-default-devel-3.0.101-0.8.1
kernel-source-3.0.101-0.8.1
kernel-syms-3.0.101-0.8.1
kernel-trace-3.0.101-0.8.1
kernel-trace-base-3.0.101-0.8.1
kernel-trace-devel-3.0.101-0.8.1
kernel-xen-devel-3.0.101-0.8.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.8.1
kernel-pae-base-3.0.101-0.8.1
kernel-pae-devel-3.0.101-0.8.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.8.1
kernel-default-base-3.0.101-0.8.1
kernel-default-devel-3.0.101-0.8.1
kernel-source-3.0.101-0.8.1
kernel-syms-3.0.101-0.8.1
kernel-trace-3.0.101-0.8.1
kernel-trace-base-3.0.101-0.8.1
kernel-trace-devel-3.0.101-0.8.1
- SUSE Linux Enterprise Server 11 SP3 (i586 x86_64) [New Version: 3.0.101]:
kernel-ec2-3.0.101-0.8.1
kernel-ec2-base-3.0.101-0.8.1
kernel-ec2-devel-3.0.101-0.8.1
kernel-xen-3.0.101-0.8.1
kernel-xen-base-3.0.101-0.8.1
kernel-xen-devel-3.0.101-0.8.1
xen-kmp-default-4.2.3_02_3.0.101_0.8-0.7.9
- SUSE Linux Enterprise Server 11 SP3 (s390x) [New Version: 3.0.101]:
kernel-default-man-3.0.101-0.8.1
- SUSE Linux Enterprise Server 11 SP3 (ppc64) [New Version: 3.0.101]:
kernel-ppc64-3.0.101-0.8.1
kernel-ppc64-base-3.0.101-0.8.1
kernel-ppc64-devel-3.0.101-0.8.1
- SUSE Linux Enterprise Server 11 SP3 (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.8.1
kernel-pae-base-3.0.101-0.8.1
kernel-pae-devel-3.0.101-0.8.1
xen-kmp-pae-4.2.3_02_3.0.101_0.8-0.7.9
- SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64):
cluster-network-kmp-default-1.4_3.0.101_0.8-2.27.22
cluster-network-kmp-trace-1.4_3.0.101_0.8-2.27.22
gfs2-kmp-default-2_3.0.101_0.8-0.16.28
gfs2-kmp-trace-2_3.0.101_0.8-0.16.28
ocfs2-kmp-default-1.6_3.0.101_0.8-0.20.22
ocfs2-kmp-trace-1.6_3.0.101_0.8-0.20.22
- SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 x86_64):
cluster-network-kmp-xen-1.4_3.0.101_0.8-2.27.22
gfs2-kmp-xen-2_3.0.101_0.8-0.16.28
ocfs2-kmp-xen-1.6_3.0.101_0.8-0.20.22
- SUSE Linux Enterprise High Availability Extension 11 SP3 (ppc64):
cluster-network-kmp-ppc64-1.4_3.0.101_0.8-2.27.22
gfs2-kmp-ppc64-2_3.0.101_0.8-0.16.28
ocfs2-kmp-ppc64-1.6_3.0.101_0.8-0.20.22
- SUSE Linux Enterprise High Availability Extension 11 SP3 (i586):
cluster-network-kmp-pae-1.4_3.0.101_0.8-2.27.22
gfs2-kmp-pae-2_3.0.101_0.8-0.16.28
ocfs2-kmp-pae-1.6_3.0.101_0.8-0.20.22
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.8.1
kernel-default-base-3.0.101-0.8.1
kernel-default-devel-3.0.101-0.8.1
kernel-default-extra-3.0.101-0.8.1
kernel-source-3.0.101-0.8.1
kernel-syms-3.0.101-0.8.1
kernel-trace-devel-3.0.101-0.8.1
kernel-xen-3.0.101-0.8.1
kernel-xen-base-3.0.101-0.8.1
kernel-xen-devel-3.0.101-0.8.1
kernel-xen-extra-3.0.101-0.8.1
xen-kmp-default-4.2.3_02_3.0.101_0.8-0.7.9
- SUSE Linux Enterprise Desktop 11 SP3 (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.8.1
kernel-pae-base-3.0.101-0.8.1
kernel-pae-devel-3.0.101-0.8.1
kernel-pae-extra-3.0.101-0.8.1
xen-kmp-pae-4.2.3_02_3.0.101_0.8-0.7.9
- SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):
kernel-default-extra-3.0.101-0.8.1
- SLE 11 SERVER Unsupported Extras (i586 x86_64):
kernel-xen-extra-3.0.101-0.8.1
- SLE 11 SERVER Unsupported Extras (ppc64):
kernel-ppc64-extra-3.0.101-0.8.1
- SLE 11 SERVER Unsupported Extras (i586):
kernel-pae-extra-3.0.101-0.8.1
References:
http://support.novell.com/security/cve/CVE-2013-2206.html
https://bugzilla.novell.com/763463
https://bugzilla.novell.com/794824
https://bugzilla.novell.com/797526
https://bugzilla.novell.com/800875
https://bugzilla.novell.com/804950
https://bugzilla.novell.com/808079
https://bugzilla.novell.com/816099
https://bugzilla.novell.com/820848
https://bugzilla.novell.com/821259
https://bugzilla.novell.com/821465
https://bugzilla.novell.com/821948
https://bugzilla.novell.com/822433
https://bugzilla.novell.com/825291
https://bugzilla.novell.com/826102
https://bugzilla.novell.com/827246
https://bugzilla.novell.com/827416
https://bugzilla.novell.com/827966
https://bugzilla.novell.com/828714
https://bugzilla.novell.com/828894
https://bugzilla.novell.com/829682
https://bugzilla.novell.com/830985
https://bugzilla.novell.com/831029
https://bugzilla.novell.com/831143
https://bugzilla.novell.com/831380
https://bugzilla.novell.com/832292
https://bugzilla.novell.com/833097
https://bugzilla.novell.com/833151
https://bugzilla.novell.com/833321
https://bugzilla.novell.com/833588
https://bugzilla.novell.com/833635
https://bugzilla.novell.com/833820
https://bugzilla.novell.com/833858
https://bugzilla.novell.com/834204
https://bugzilla.novell.com/834600
https://bugzilla.novell.com/834905
https://bugzilla.novell.com/835094
https://bugzilla.novell.com/835189
https://bugzilla.novell.com/835684
https://bugzilla.novell.com/835930
https://bugzilla.novell.com/836218
https://bugzilla.novell.com/836347
https://bugzilla.novell.com/836801
https://bugzilla.novell.com/837372
https://bugzilla.novell.com/837596
https://bugzilla.novell.com/837741
https://bugzilla.novell.com/837803
https://bugzilla.novell.com/838346
https://bugzilla.novell.com/838448
https://bugzilla.novell.com/839407
https://bugzilla.novell.com/839973
https://bugzilla.novell.com/840830
https://bugzilla.novell.com/841050
https://bugzilla.novell.com/841094
https://bugzilla.novell.com/841402
https://bugzilla.novell.com/841498
https://bugzilla.novell.com/841656
https://bugzilla.novell.com/842057
https://bugzilla.novell.com/842063
https://bugzilla.novell.com/842604
https://bugzilla.novell.com/842820
https://bugzilla.novell.com/843429
https://bugzilla.novell.com/843445
https://bugzilla.novell.com/843642
https://bugzilla.novell.com/843645
https://bugzilla.novell.com/843732
https://bugzilla.novell.com/843753
https://bugzilla.novell.com/843950
https://bugzilla.novell.com/844513
https://bugzilla.novell.com/845352
https://bugzilla.novell.com/847319
https://bugzilla.novell.com/847721
http://download.novell.com/patch/finder/?keywords=0c0af0004bc0563109dff9236…
http://download.novell.com/patch/finder/?keywords=2c018cfd8b6b78121b6365c69…
http://download.novell.com/patch/finder/?keywords=32e0346fa1aa6438c937e4826…
http://download.novell.com/patch/finder/?keywords=46a7d61b0cb602556c7b2bc02…
http://download.novell.com/patch/finder/?keywords=4b52e68f96bee7b4037dbfbd8…
http://download.novell.com/patch/finder/?keywords=5137aa2b6ba9426dc8a9fd456…
http://download.novell.com/patch/finder/?keywords=5302038940615a465c7370e94…
http://download.novell.com/patch/finder/?keywords=6b1ca8c711701ab3f6565187d…
http://download.novell.com/patch/finder/?keywords=a14631178ead7c39a27329f7e…
http://download.novell.com/patch/finder/?keywords=daca8d4524a4dbd82fa305218…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2013:1677-3: important: Security update for IBM Java 7
by opensuse-security@opensuse.org 22 Nov '13
by opensuse-security@opensuse.org 22 Nov '13
22 Nov '13
SUSE Security Update: Security update for IBM Java 7
______________________________________________________________________________
Announcement ID: SUSE-SU-2013:1677-3
Rating: important
References: #849212
Cross-References: CVE-2013-3829 CVE-2013-4041 CVE-2013-5372
CVE-2013-5375 CVE-2013-5456 CVE-2013-5457
CVE-2013-5458 CVE-2013-5772 CVE-2013-5774
CVE-2013-5776 CVE-2013-5778 CVE-2013-5780
CVE-2013-5782 CVE-2013-5783 CVE-2013-5784
CVE-2013-5787 CVE-2013-5788 CVE-2013-5789
CVE-2013-5790 CVE-2013-5797 CVE-2013-5800
CVE-2013-5801 CVE-2013-5802 CVE-2013-5803
CVE-2013-5804 CVE-2013-5809 CVE-2013-5812
CVE-2013-5814 CVE-2013-5817 CVE-2013-5818
CVE-2013-5819 CVE-2013-5820 CVE-2013-5823
CVE-2013-5824 CVE-2013-5825 CVE-2013-5829
CVE-2013-5830 CVE-2013-5831 CVE-2013-5832
CVE-2013-5838 CVE-2013-5840 CVE-2013-5842
CVE-2013-5843 CVE-2013-5848 CVE-2013-5849
CVE-2013-5850 CVE-2013-5851
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP2 for VMware
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Java 11 SP3
SUSE Linux Enterprise Java 11 SP2
______________________________________________________________________________
An update that fixes 47 vulnerabilities is now available.
Description:
IBM Java 7 SR6 has been released and fixes lots of bugs and
security issues.
More information can be found on:
http://www.ibm.com/developerworks/java/jdk/alerts/
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Security Issue references:
* CVE-2013-5458
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5458
>
* CVE-2013-5456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5456
>
* CVE-2013-5457
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5457
>
* CVE-2013-4041
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4041
>
* CVE-2013-5375
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5375
>
* CVE-2013-5372
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5372
>
* CVE-2013-5843
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5843
>
* CVE-2013-5789
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5789
>
* CVE-2013-5830
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5830
>
* CVE-2013-5829
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5829
>
* CVE-2013-5787
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5787
>
* CVE-2013-5788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5788
>
* CVE-2013-5824
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5824
>
* CVE-2013-5842
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5842
>
* CVE-2013-5782
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5782
>
* CVE-2013-5817
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5817
>
* CVE-2013-5809
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5809
>
* CVE-2013-5814
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5814
>
* CVE-2013-5832
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5832
>
* CVE-2013-5850
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5850
>
* CVE-2013-5838
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5838
>
* CVE-2013-5802
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802
>
* CVE-2013-5812
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5812
>
* CVE-2013-5804
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5804
>
* CVE-2013-5783
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5783
>
* CVE-2013-3829
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3829
>
* CVE-2013-5823
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5823
>
* CVE-2013-5831
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5831
>
* CVE-2013-5820
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5820
>
* CVE-2013-5819
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5819
>
* CVE-2013-5818
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5818
>
* CVE-2013-5848
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5848
>
* CVE-2013-5776
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5776
>
* CVE-2013-5774
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5774
>
* CVE-2013-5825
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5825
>
* CVE-2013-5840
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5840
>
* CVE-2013-5801
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5801
>
* CVE-2013-5778
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5778
>
* CVE-2013-5851
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5851
>
* CVE-2013-5800
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5800
>
* CVE-2013-5784
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5784
>
* CVE-2013-5849
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5849
>
* CVE-2013-5790
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5790
>
* CVE-2013-5780
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5780
>
* CVE-2013-5797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5797
>
* CVE-2013-5803
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5803
>
* CVE-2013-5772
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772
>
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP3:
zypper in -t patch sdksp3-java-1_7_0-ibm-8566
- SUSE Linux Enterprise Software Development Kit 11 SP2:
zypper in -t patch sdksp2-java-1_7_0-ibm-8565
- SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-java-1_7_0-ibm-8566
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-java-1_7_0-ibm-8566
- SUSE Linux Enterprise Server 11 SP2 for VMware:
zypper in -t patch slessp2-java-1_7_0-ibm-8565
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp2-java-1_7_0-ibm-8565
- SUSE Linux Enterprise Java 11 SP3:
zypper in -t patch slejsp3-java-1_7_0-ibm-8566
- SUSE Linux Enterprise Java 11 SP2:
zypper in -t patch slejsp2-java-1_7_0-ibm-8565
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64):
java-1_7_0-ibm-devel-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64):
java-1_7_0-ibm-devel-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
java-1_7_0-ibm-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-alsa-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-jdbc-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-plugin-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64):
java-1_7_0-ibm-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-jdbc-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Server 11 SP3 (i586 x86_64):
java-1_7_0-ibm-alsa-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-plugin-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
java-1_7_0-ibm-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-alsa-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-jdbc-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-plugin-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64):
java-1_7_0-ibm-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-jdbc-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Server 11 SP2 (i586 x86_64):
java-1_7_0-ibm-alsa-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-plugin-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Java 11 SP3 (i586 ppc64 s390x x86_64):
java-1_7_0-ibm-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-devel-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-jdbc-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Java 11 SP3 (i586 x86_64):
java-1_7_0-ibm-alsa-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-plugin-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64):
java-1_7_0-ibm-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-devel-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-jdbc-1.7.0_sr6.0-0.7.1
- SUSE Linux Enterprise Java 11 SP2 (i586 x86_64):
java-1_7_0-ibm-alsa-1.7.0_sr6.0-0.7.1
java-1_7_0-ibm-plugin-1.7.0_sr6.0-0.7.1
References:
http://support.novell.com/security/cve/CVE-2013-3829.html
http://support.novell.com/security/cve/CVE-2013-4041.html
http://support.novell.com/security/cve/CVE-2013-5372.html
http://support.novell.com/security/cve/CVE-2013-5375.html
http://support.novell.com/security/cve/CVE-2013-5456.html
http://support.novell.com/security/cve/CVE-2013-5457.html
http://support.novell.com/security/cve/CVE-2013-5458.html
http://support.novell.com/security/cve/CVE-2013-5772.html
http://support.novell.com/security/cve/CVE-2013-5774.html
http://support.novell.com/security/cve/CVE-2013-5776.html
http://support.novell.com/security/cve/CVE-2013-5778.html
http://support.novell.com/security/cve/CVE-2013-5780.html
http://support.novell.com/security/cve/CVE-2013-5782.html
http://support.novell.com/security/cve/CVE-2013-5783.html
http://support.novell.com/security/cve/CVE-2013-5784.html
http://support.novell.com/security/cve/CVE-2013-5787.html
http://support.novell.com/security/cve/CVE-2013-5788.html
http://support.novell.com/security/cve/CVE-2013-5789.html
http://support.novell.com/security/cve/CVE-2013-5790.html
http://support.novell.com/security/cve/CVE-2013-5797.html
http://support.novell.com/security/cve/CVE-2013-5800.html
http://support.novell.com/security/cve/CVE-2013-5801.html
http://support.novell.com/security/cve/CVE-2013-5802.html
http://support.novell.com/security/cve/CVE-2013-5803.html
http://support.novell.com/security/cve/CVE-2013-5804.html
http://support.novell.com/security/cve/CVE-2013-5809.html
http://support.novell.com/security/cve/CVE-2013-5812.html
http://support.novell.com/security/cve/CVE-2013-5814.html
http://support.novell.com/security/cve/CVE-2013-5817.html
http://support.novell.com/security/cve/CVE-2013-5818.html
http://support.novell.com/security/cve/CVE-2013-5819.html
http://support.novell.com/security/cve/CVE-2013-5820.html
http://support.novell.com/security/cve/CVE-2013-5823.html
http://support.novell.com/security/cve/CVE-2013-5824.html
http://support.novell.com/security/cve/CVE-2013-5825.html
http://support.novell.com/security/cve/CVE-2013-5829.html
http://support.novell.com/security/cve/CVE-2013-5830.html
http://support.novell.com/security/cve/CVE-2013-5831.html
http://support.novell.com/security/cve/CVE-2013-5832.html
http://support.novell.com/security/cve/CVE-2013-5838.html
http://support.novell.com/security/cve/CVE-2013-5840.html
http://support.novell.com/security/cve/CVE-2013-5842.html
http://support.novell.com/security/cve/CVE-2013-5843.html
http://support.novell.com/security/cve/CVE-2013-5848.html
http://support.novell.com/security/cve/CVE-2013-5849.html
http://support.novell.com/security/cve/CVE-2013-5850.html
http://support.novell.com/security/cve/CVE-2013-5851.html
https://bugzilla.novell.com/849212
http://download.novell.com/patch/finder/?keywords=ef51c242d9ef6e9ca30f64071…
http://download.novell.com/patch/finder/?keywords=f509561ef73c266408b23c081…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2013:1748-1: important: Security update for Linux Kernel
by opensuse-security@opensuse.org 22 Nov '13
by opensuse-security@opensuse.org 22 Nov '13
22 Nov '13
SUSE Security Update: Security update for Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2013:1748-1
Rating: important
References: #763463 #794824 #797526 #804950 #816099 #820848
#821259 #821465 #826102 #827246 #827416 #828714
#828894 #829682 #831029 #831143 #831380 #832292
#833321 #833588 #833635 #833820 #833858 #834204
#834600 #834905 #835094 #835684 #835930 #836218
#836347 #836801 #837372 #837803 #838346 #838448
#840830 #841094 #841402 #841498 #842063 #842604
#844513
Cross-References: CVE-2013-2206
Affected Products:
SUSE Linux Enterprise Server 11 SP2 for VMware
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise High Availability Extension 11 SP2
SUSE Linux Enterprise Desktop 11 SP2
SLE 11 SERVER Unsupported Extras
______________________________________________________________________________
An update that solves one vulnerability and has 42 fixes is
now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 Service Pack 2 kernel was
updated to version 3.0.101 and also includes various other
bug and security fixes.
The following features have been added:
* Drivers: hv: Support handling multiple VMBUS versions
(FATE#314665).
* Drivers: hv: Save and export negotiated vmbus version
(FATE#314665).
* Drivers: hv: Move vmbus version definitions to
hyperv.h (FATE#314665).
The following security issue has been fixed:
* CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function
in net/sctp/sm_statefuns.c in the SCTP implementation in
the Linux kernel did not properly handle associations
during the processing of a duplicate COOKIE ECHO chunk,
which allowed remote attackers to cause a denial of service
(NULL pointer dereference and system crash) or possibly
have unspecified other impact via crafted SCTP traffic.
(bnc#826102)
The following non-security bugs have been fixed:
* kernel: sclp console hangs (bnc#841498, LTC#95711).
* intel-iommu: Fix leaks in pagetable freeing
(bnc#841402).
* iommu/vt-d: add quirk for broken interrupt remapping
on 55XX chipsets (bnc#844513).
* x86/iommu/vt-d: Expand interrupt remapping quirk to
cover x58 chipset (bnc#844513).
* iommu/vt-d: Only warn about broken interrupt
remapping (bnc#844513).
* iommu: Remove stack trace from broken irq remapping
warning (bnc#844513).
* softirq: reduce latencies (bnc#797526).
* Fix lockup related to stop_machine being stuck in
__do_softirq (bnc#797526).
* splice: fix racy pipe->buffers uses (bnc#827246).
* blktrace: fix race with open trace files and
directory removal (bnc#832292).
* mm: Do not walk all of system memory during show_mem
(Reduce tasklist_lock hold times (bnc#821259)).
* mm: Bounce memory pool initialisation (bnc#836347).
* mm, memcg: introduce own oom handler to iterate only
over its own threads.
* mm, memcg: move all oom handling to memcontrol.c.
* mm, oom: avoid looping when chosen thread detaches
its mm.
* mm, oom: fold oom_kill_task() into oom_kill_process().
* mm, oom: introduce helper function to process threads
during scan.
* mm, oom: reduce dependency on tasklist_lock.
* ipv6: do not call fib6_run_gc() until routing is
ready (bnc#836218).
* ipv6: prevent fib6_run_gc() contention (bnc#797526).
* ipv6: update ip6_rt_last_gc every time GC is run
(bnc#797526).
* net/mlx4_en: Fix BlueFlame race (bnc#835684).
* netfilter: nf_conntrack: use RCU safe kfree for
conntrack extensions (bnc#827416 bko#60853).
* netfilter: prevent race condition breaking net
reference counting (bnc#835094).
* net: remove skb_orphan_try() (bnc#834600).
* bonding: check bond->vlgrp in bond_vlan_rx_kill_vid()
(bnc#834905).
* sctp: deal with multiple COOKIE_ECHO chunks
(bnc#826102).
* SUNRPC: close a rare race in xs_tcp_setup_socket
(bnc#794824).
* NFS: make nfs_flush_incompatible more generous
(bnc#816099).
* NFS: do not try to use lock state when we hold a
delegation (bnc#831029).
* nfs_lookup_revalidate(): fix a leak (bnc#828894).
* xfs: growfs: use uncached buffers for new headers
(bnc#842604).
* xfs: Check the return value of xfs_buf_get()
(bnc#842604).
* xfs: avoid double-free in xfs_attr_node_addname.
* do_add_mount()/umount -l races (bnc#836801).
* cifs: Fix TRANS2_QUERY_FILE_INFO ByteCount fields
(bnc#804950).
* cifs: Fix EREMOTE errors encountered on DFS links
(bnc#831143).
* reiserfs: fix race with flush_used_journal_lists and
flush_journal_list (bnc#837803).
* reiserfs: remove useless flush_old_journal_lists.
* fs: writeback: Do not sync data dirtied after sync
start (bnc#833820).
* rcu: Do not trigger false positive RCU stall
detection (bnc#834204).
* lib/radix-tree.c: make radix_tree_node_alloc() work
correctly within interrupt (bnc#763463).
* bnx2x: Change to D3hot only on removal (bnc#838448).
* vmxnet3: prevent div-by-zero panic when ring resizing
uninitialized dev (bnc#833321).
* Drivers: hv: Support handling multiple VMBUS versions
(fate#314665).
* Drivers: hv: Save and export negotiated vmbus version
(fate#314665).
* Drivers: hv: Move vmbus version definitions to
hyperv.h (fate#314665).
* Drivers: hv: util: Fix a bug in version negotiation
code for util services (bnc#828714).
* Drivers: hv: util: Correctly support ws2008R2 and
earlier (bnc#838346).
* Drivers: hv: util: Fix a bug in util version
negotiation code (bnc#838346).
* iscsi: do not hang in endless loop if no targets
present (bnc#841094).
* ata: Set proper SK when CK_COND is set (bnc#833588).
* md: Throttle number of pending write requests in
md/raid10 (bnc#833858).
* dm: ignore merge_bvec for snapshots when safe
(bnc#820848).
* elousb: some systems cannot stomach work around
(bnc#840830).
* bio-integrity: track owner of integrity payload
(bnc#831380).
* quirks: add touchscreen that is dazzeled by remote
wakeup (bnc#835930).
* Fixed Xen guest freezes (bnc#829682, bnc#842063).
* config/debug: Enable FSCACHE_DEBUG and
CACHEFILES_DEBUG (bnc#837372).
* series.conf: disable XHCI ring expansion patches
because on machines with large memory they cause a
starvation problem (bnc#833635).
* rpm/old-flavors, rpm/mkspec: Add version information
to obsolete flavors (bnc#821465).
* rpm/kernel-binary.spec.in: Move the xenpae obsolete
to the old-flavors file.
* rpm/old-flavors: Convert the old-packages.conf file
to a flat list.
* rpm/old-packages.conf: Drop bogus obsoletes for "smp"
(bnc#821465).
* rpm/kernel-binary.spec.in: Make sure that all KMP
obsoletes are versioned (bnc#821465).
* rpm/kernel-binary.spec.in: Remove unversioned
provides/obsoletes for packages that were only seen in
openSUSE releases up to 11.0. (bnc#821465).
Security Issue references:
* CVE-2013-2206
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206
>
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP2 for VMware:
zypper in -t patch slessp2-kernel-8516 slessp2-kernel-8518
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp2-kernel-8509 slessp2-kernel-8514 slessp2-kernel-8515 slessp2-kernel-8516 slessp2-kernel-8518
- SUSE Linux Enterprise High Availability Extension 11 SP2:
zypper in -t patch sleshasp2-kernel-8509 sleshasp2-kernel-8514 sleshasp2-kernel-8515 sleshasp2-kernel-8516 sleshasp2-kernel-8518
- SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp2-kernel-8516 sledsp2-kernel-8518
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.5.1
kernel-default-base-3.0.101-0.5.1
kernel-default-devel-3.0.101-0.5.1
kernel-source-3.0.101-0.5.1
kernel-syms-3.0.101-0.5.1
kernel-trace-3.0.101-0.5.1
kernel-trace-base-3.0.101-0.5.1
kernel-trace-devel-3.0.101-0.5.1
kernel-xen-devel-3.0.101-0.5.1
xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.5.1
kernel-pae-base-3.0.101-0.5.1
kernel-pae-devel-3.0.101-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.5.1
kernel-default-base-3.0.101-0.5.1
kernel-default-devel-3.0.101-0.5.1
kernel-source-3.0.101-0.5.1
kernel-syms-3.0.101-0.5.1
kernel-trace-3.0.101-0.5.1
kernel-trace-base-3.0.101-0.5.1
kernel-trace-devel-3.0.101-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.101]:
kernel-ec2-3.0.101-0.5.1
kernel-ec2-base-3.0.101-0.5.1
kernel-ec2-devel-3.0.101-0.5.1
kernel-xen-3.0.101-0.5.1
kernel-xen-base-3.0.101-0.5.1
kernel-xen-devel-3.0.101-0.5.1
xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5
xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5
- SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.101]:
kernel-default-man-3.0.101-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.101]:
kernel-ppc64-3.0.101-0.5.1
kernel-ppc64-base-3.0.101-0.5.1
kernel-ppc64-devel-3.0.101-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.5.1
kernel-pae-base-3.0.101-0.5.1
kernel-pae-devel-3.0.101-0.5.1
xen-kmp-pae-4.1.6_02_3.0.101_0.5-0.5.5
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64):
cluster-network-kmp-default-1.4_3.0.101_0.5-2.18.69
cluster-network-kmp-trace-1.4_3.0.101_0.5-2.18.69
gfs2-kmp-default-2_3.0.101_0.5-0.7.98
gfs2-kmp-trace-2_3.0.101_0.5-0.7.98
ocfs2-kmp-default-1.6_3.0.101_0.5-0.11.68
ocfs2-kmp-trace-1.6_3.0.101_0.5-0.11.68
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64):
cluster-network-kmp-xen-1.4_3.0.101_0.5-2.18.69
gfs2-kmp-xen-2_3.0.101_0.5-0.7.98
ocfs2-kmp-xen-1.6_3.0.101_0.5-0.11.68
- SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64):
cluster-network-kmp-ppc64-1.4_3.0.101_0.5-2.18.69
gfs2-kmp-ppc64-2_3.0.101_0.5-0.7.98
ocfs2-kmp-ppc64-1.6_3.0.101_0.5-0.11.68
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586):
cluster-network-kmp-pae-1.4_3.0.101_0.5-2.18.69
gfs2-kmp-pae-2_3.0.101_0.5-0.7.98
ocfs2-kmp-pae-1.6_3.0.101_0.5-0.11.68
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.5.1
kernel-default-base-3.0.101-0.5.1
kernel-default-devel-3.0.101-0.5.1
kernel-default-extra-3.0.101-0.5.1
kernel-source-3.0.101-0.5.1
kernel-syms-3.0.101-0.5.1
kernel-trace-3.0.101-0.5.1
kernel-trace-base-3.0.101-0.5.1
kernel-trace-devel-3.0.101-0.5.1
kernel-trace-extra-3.0.101-0.5.1
kernel-xen-3.0.101-0.5.1
kernel-xen-base-3.0.101-0.5.1
kernel-xen-devel-3.0.101-0.5.1
kernel-xen-extra-3.0.101-0.5.1
xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5
xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5
- SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.5.1
kernel-pae-base-3.0.101-0.5.1
kernel-pae-devel-3.0.101-0.5.1
kernel-pae-extra-3.0.101-0.5.1
xen-kmp-pae-4.1.6_02_3.0.101_0.5-0.5.5
- SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):
ext4-writeable-kmp-default-0_3.0.101_0.5-0.14.79
ext4-writeable-kmp-trace-0_3.0.101_0.5-0.14.79
kernel-default-extra-3.0.101-0.5.1
- SLE 11 SERVER Unsupported Extras (i586 x86_64):
ext4-writeable-kmp-xen-0_3.0.101_0.5-0.14.79
kernel-xen-extra-3.0.101-0.5.1
- SLE 11 SERVER Unsupported Extras (ppc64):
ext4-writeable-kmp-ppc64-0_3.0.101_0.5-0.14.79
kernel-ppc64-extra-3.0.101-0.5.1
- SLE 11 SERVER Unsupported Extras (i586):
ext4-writeable-kmp-pae-0_3.0.101_0.5-0.14.79
kernel-pae-extra-3.0.101-0.5.1
References:
http://support.novell.com/security/cve/CVE-2013-2206.html
https://bugzilla.novell.com/763463
https://bugzilla.novell.com/794824
https://bugzilla.novell.com/797526
https://bugzilla.novell.com/804950
https://bugzilla.novell.com/816099
https://bugzilla.novell.com/820848
https://bugzilla.novell.com/821259
https://bugzilla.novell.com/821465
https://bugzilla.novell.com/826102
https://bugzilla.novell.com/827246
https://bugzilla.novell.com/827416
https://bugzilla.novell.com/828714
https://bugzilla.novell.com/828894
https://bugzilla.novell.com/829682
https://bugzilla.novell.com/831029
https://bugzilla.novell.com/831143
https://bugzilla.novell.com/831380
https://bugzilla.novell.com/832292
https://bugzilla.novell.com/833321
https://bugzilla.novell.com/833588
https://bugzilla.novell.com/833635
https://bugzilla.novell.com/833820
https://bugzilla.novell.com/833858
https://bugzilla.novell.com/834204
https://bugzilla.novell.com/834600
https://bugzilla.novell.com/834905
https://bugzilla.novell.com/835094
https://bugzilla.novell.com/835684
https://bugzilla.novell.com/835930
https://bugzilla.novell.com/836218
https://bugzilla.novell.com/836347
https://bugzilla.novell.com/836801
https://bugzilla.novell.com/837372
https://bugzilla.novell.com/837803
https://bugzilla.novell.com/838346
https://bugzilla.novell.com/838448
https://bugzilla.novell.com/840830
https://bugzilla.novell.com/841094
https://bugzilla.novell.com/841402
https://bugzilla.novell.com/841498
https://bugzilla.novell.com/842063
https://bugzilla.novell.com/842604
https://bugzilla.novell.com/844513
http://download.novell.com/patch/finder/?keywords=014f991484d20757de9526cb2…
http://download.novell.com/patch/finder/?keywords=241c1cd269f2d6c946750be92…
http://download.novell.com/patch/finder/?keywords=29adfe67e725d67c311a0d762…
http://download.novell.com/patch/finder/?keywords=2f6d9dd2345e27452c0f4f840…
http://download.novell.com/patch/finder/?keywords=43bef7672074508c7f5cb7f86…
http://download.novell.com/patch/finder/?keywords=4b0266473a79db08cd217a901…
http://download.novell.com/patch/finder/?keywords=6143e2e6aa3e373197bc1dfda…
http://download.novell.com/patch/finder/?keywords=6f18fc180df1025daa721c72d…
http://download.novell.com/patch/finder/?keywords=e004410f0af237e1cc306eea3…
http://download.novell.com/patch/finder/?keywords=e10aac7447253ec336025bc03…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2013:1744-1: important: Security update for Real Time Linux Kernel
by opensuse-security@opensuse.org 22 Nov '13
by opensuse-security@opensuse.org 22 Nov '13
22 Nov '13
SUSE Security Update: Security update for Real Time Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2013:1744-1
Rating: important
References: #763463 #794824 #797526 #804950 #816099 #820848
#821259 #821465 #826102 #827246 #827416 #828714
#828894 #829682 #831029 #831143 #831380 #832292
#833321 #833588 #833635 #833820 #833858 #834204
#834600 #834905 #835094 #835684 #835930 #836218
#836347 #836801 #837372 #837803 #838346 #838448
#840830 #841094 #841402 #841498 #842063 #842604
#844513
Cross-References: CVE-2013-2206
Affected Products:
SUSE Linux Enterprise Real Time 11 SP2
______________________________________________________________________________
An update that solves one vulnerability and has 42 fixes is
now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 Service Pack 2 kernel for
RealTime was updated to version 3.0.101 and also includes
various other bug and security fixes.
The following features have been added:
* Drivers: hv: Support handling multiple VMBUS versions
(FATE#314665).
* Drivers: hv: Save and export negotiated vmbus version
(FATE#314665).
* Drivers: hv: Move vmbus version definitions to
hyperv.h (FATE#314665).
The following security issue has been fixed:
* CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function
in net/sctp/sm_statefuns.c in the SCTP implementation in
the Linux kernel did not properly handle associations
during the processing of a duplicate COOKIE ECHO chunk,
which allowed remote attackers to cause a denial of service
(NULL pointer dereference and system crash) or possibly
have unspecified other impact via crafted SCTP traffic.
(bnc#826102)
The following non-security bugs have been fixed:
* mm: Do not walk all of system memory during show_mem
(Reduce tasklist_lock hold times (bnc#821259)).
* mm, memcg: introduce own oom handler to iterate only
over its own threads.
* mm, memcg: move all oom handling to memcontrol.c.
* mm, oom: avoid looping when chosen thread detaches
its mm.
* mm, oom: fold oom_kill_task() into oom_kill_process().
* mm, oom: introduce helper function to process threads
during scan.
* mm, oom: reduce dependency on tasklist_lock.
* kernel: sclp console hangs (bnc#841498, LTC#95711).
* splice: fix racy pipe->buffers uses (bnc#827246).
* blktrace: fix race with open trace files and
directory removal (bnc#832292).
* Set proper SK when CK_COND is set (bnc#833588).
* iommu/vt-d: add quirk for broken interrupt remapping
on 55XX chipsets (bnc#844513).
* x86/iommu/vt-d: Expand interrupt remapping quirk to
cover x58 chipset (bnc#844513).
* iommu/vt-d: Only warn about broken interrupt
remapping (bnc#844513).
* iommu: Remove stack trace from broken irq remapping
warning (bnc#844513).
* intel-iommu: Fix leaks in pagetable freeing
(bnc#841402).
* softirq: reduce latencies (bnc#797526).
* softirq: Fix lockup related to stop_machine being
stuck in __do_softirq (bnc#797526).
* bounce: Bounce memory pool initialisation (bnc#836347)
* writeback: Do not sync data dirtied after sync start
(bnc#833820).
* config//debug: Enable FSCACHE_DEBUG and
CACHEFILES_DEBUG (bnc#837372).
* Fixed Xen guest freezes (bnc#829682, bnc#842063).
* SUNRPC: close a rare race in xs_tcp_setup_socket
(bnc#794824).
* NFS: make nfs_flush_incompatible more generous
(bnc#816099).
* NFS: don't try to use lock state when we hold a
delegation (bnc#831029).
* nfs_lookup_revalidate(): fix a leak (bnc#828894).
* fs: do_add_mount()/umount -l races (bnc#836801).
* cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields
(bnc#804950).
* cifs: Fix EREMOTE errors encountered on DFS links
(bnc#831143).
* xfs: growfs: use uncached buffers for new headers
(bnc#842604).
* xfs: avoid double-free in xfs_attr_node_addname.
* xfs: Check the return value of xfs_buf_get()
(bnc#842604).
* iscsi: don't hang in endless loop if no targets
present (bnc#841094).
* reiserfs: fix race with flush_used_journal_lists and
flush_journal_list (bnc#837803).
* md: Throttle number of pending write requests in
md/raid10 (bnc#833858).
* dm: ignore merge_bvec for snapshots when safe
(bnc#820848).
* rcu: Do not trigger false positive RCU stall
detection (bnc#834204).
* net/mlx4_en: Fix BlueFlame race (bnc#835684).
* net: remove skb_orphan_try() (bnc#834600).
* bonding: check bond->vlgrp in bond_vlan_rx_kill_vid()
(bnc#834905).
* ipv6: don't call fib6_run_gc() until routing is ready
(bnc#836218).
* ipv6: prevent fib6_run_gc() contention (bnc#797526).
* ipv6: update ip6_rt_last_gc every time GC is run
(bnc#797526).
* netfilter: nf_conntrack: use RCU safe kfree for
conntrack extensions (bnc#827416 bko#60853
bugzilla.netfilter.org:714).
* netfilter: prevent race condition breaking net
reference counting (bnc#835094).
* sctp: deal with multiple COOKIE_ECHO chunks
(bnc#826102).
* quirks: add touchscreen that is dazzeled by remote
wakeup (bnc#835930).
* bnx2x: Change to D3hot only on removal (bnc#838448).
* vmxnet3: prevent div-by-zero panic when ring resizing
uninitialized dev (bnc#833321).
* Drivers: hv: util: Fix a bug in version negotiation
code for util services (bnc#828714).
* Drivers: hv: util: Correctly support ws2008R2 and
earlier (bnc#838346).
* Drivers: hv: util: Fix a bug in util version
negotiation code (bnc#838346).
* elousb: some systems cannot stomach work around
(bnc#840830).
* bio-integrity: track owner of integrity payload
(bnc#831380).
* lib/radix-tree.c: make radix_tree_node_alloc() work
correctly within interrupt (bnc#763463).
* series.conf: disable XHCI ring expansion patches
because on machines with large memory they cause a
starvation problem (bnc#833635)
* rpm/old-flavors, rpm/mkspec: Add version information
to obsolete flavors (bnc#821465).
* rpm/kernel-binary.spec.in: Move the xenpae obsolete
to the old-flavors file.
* rpm/old-flavors: Convert the old-packages.conf file
to a flat list.
* rpm/old-packages.conf: Drop bogus obsoletes for "smp"
(bnc#821465).
* rpm/kernel-binary.spec.in: Make sure that all KMP
obsoletes are versioned (bnc#821465).
* rpm/kernel-binary.spec.in: Remove unversioned
provides/obsoletes for packages that were only seen in
openSUSE releases up to 11.0. (bnc#821465).
* sched/workqueue: Only wake up idle workers if not
blocked on sleeping spin lock.
* genirq: Set irq thread to RT priority on creation.
* timers: prepare for full preemption improve.
* kernel/cpu: fix cpu down problem if kthread's cpu is
going down.
* kernel/hotplug: restore original cpu mask oncpu/down.
* drm/i915: drop trace_i915_gem_ring_dispatch on rt.
* rt,ntp: Move call to schedule_delayed_work() to
helper thread.
* hwlat-detector: Update hwlat_detector to add outer
loop detection.
* hwlat-detect/trace: Export trace_clock_local for
hwlat-detector.
* hwlat-detector: Use trace_clock_local if available.
* hwlat-detector: Use thread instead of stop machine.
* genirq: do not invoke the affinity callback via a
workqueue.
Security Issues:
* CVE-2013-2206
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206
>
Indications:
Everyone using the Real Time Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Real Time 11 SP2:
zypper in -t patch slertesp2-kernel-8546
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Real Time 11 SP2 (x86_64) [New Version: 3.0.101.rt130]:
cluster-network-kmp-rt-1.4_3.0.101_rt130_0.5-2.18.71
cluster-network-kmp-rt_trace-1.4_3.0.101_rt130_0.5-2.18.71
drbd-kmp-rt-8.4.2_3.0.101_rt130_0.5-0.6.6.62
drbd-kmp-rt_trace-8.4.2_3.0.101_rt130_0.5-0.6.6.62
iscsitarget-kmp-rt-1.4.20_3.0.101_rt130_0.5-0.25.25.10
iscsitarget-kmp-rt_trace-1.4.20_3.0.101_rt130_0.5-0.25.25.10
kernel-rt-3.0.101.rt130-0.5.1
kernel-rt-base-3.0.101.rt130-0.5.1
kernel-rt-devel-3.0.101.rt130-0.5.1
kernel-rt_trace-3.0.101.rt130-0.5.1
kernel-rt_trace-base-3.0.101.rt130-0.5.1
kernel-rt_trace-devel-3.0.101.rt130-0.5.1
kernel-source-rt-3.0.101.rt130-0.5.1
kernel-syms-rt-3.0.101.rt130-0.5.1
lttng-modules-kmp-rt-2.0.4_3.0.101_rt130_0.5-0.9.9.1
lttng-modules-kmp-rt_trace-2.0.4_3.0.101_rt130_0.5-0.9.9.1
ocfs2-kmp-rt-1.6_3.0.101_rt130_0.5-0.11.70
ocfs2-kmp-rt_trace-1.6_3.0.101_rt130_0.5-0.11.70
ofed-kmp-rt-1.5.2_3.0.101_rt130_0.5-0.28.28.42
ofed-kmp-rt_trace-1.5.2_3.0.101_rt130_0.5-0.28.28.42
References:
http://support.novell.com/security/cve/CVE-2013-2206.html
https://bugzilla.novell.com/763463
https://bugzilla.novell.com/794824
https://bugzilla.novell.com/797526
https://bugzilla.novell.com/804950
https://bugzilla.novell.com/816099
https://bugzilla.novell.com/820848
https://bugzilla.novell.com/821259
https://bugzilla.novell.com/821465
https://bugzilla.novell.com/826102
https://bugzilla.novell.com/827246
https://bugzilla.novell.com/827416
https://bugzilla.novell.com/828714
https://bugzilla.novell.com/828894
https://bugzilla.novell.com/829682
https://bugzilla.novell.com/831029
https://bugzilla.novell.com/831143
https://bugzilla.novell.com/831380
https://bugzilla.novell.com/832292
https://bugzilla.novell.com/833321
https://bugzilla.novell.com/833588
https://bugzilla.novell.com/833635
https://bugzilla.novell.com/833820
https://bugzilla.novell.com/833858
https://bugzilla.novell.com/834204
https://bugzilla.novell.com/834600
https://bugzilla.novell.com/834905
https://bugzilla.novell.com/835094
https://bugzilla.novell.com/835684
https://bugzilla.novell.com/835930
https://bugzilla.novell.com/836218
https://bugzilla.novell.com/836347
https://bugzilla.novell.com/836801
https://bugzilla.novell.com/837372
https://bugzilla.novell.com/837803
https://bugzilla.novell.com/838346
https://bugzilla.novell.com/838448
https://bugzilla.novell.com/840830
https://bugzilla.novell.com/841094
https://bugzilla.novell.com/841402
https://bugzilla.novell.com/841498
https://bugzilla.novell.com/842063
https://bugzilla.novell.com/842604
https://bugzilla.novell.com/844513
http://download.novell.com/patch/finder/?keywords=9b7b4d9abfb4ec87d3d2090a6…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2013:1737-1: important: flash-player to 11.2.202.327
by opensuse-security@opensuse.org 21 Nov '13
by opensuse-security@opensuse.org 21 Nov '13
21 Nov '13
openSUSE Security Update: flash-player to 11.2.202.327
______________________________________________________________________________
Announcement ID: openSUSE-SU-2013:1737-1
Rating: important
References: #850220
Cross-References: CVE-2013-5329 CVE-2013-5330
Affected Products:
openSUSE 13.1:NonFree
openSUSE 12.3:NonFree
openSUSE 12.2:NonFree
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
Adobe Flash Player was updated to 11.2.202.327: (bnc#850220)
* APSB13-26, CVE-2013-5329, CVE-2013-5330
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:NonFree:
zypper in -t patch openSUSE-2013-879
- openSUSE 12.3:NonFree:
zypper in -t patch openSUSE-2013-879
- openSUSE 12.2:NonFree:
zypper in -t patch openSUSE-2013-879
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.1:NonFree (i586 x86_64):
flash-player-11.2.202.327-14.1
flash-player-gnome-11.2.202.327-14.1
flash-player-kde4-11.2.202.327-14.1
- openSUSE 12.3:NonFree (i586 x86_64):
flash-player-11.2.202.327-2.40.1
flash-player-gnome-11.2.202.327-2.40.1
flash-player-kde4-11.2.202.327-2.40.1
- openSUSE 12.2:NonFree (i586 x86_64):
flash-player-11.2.202.327-1.64.1
flash-player-gnome-11.2.202.327-1.64.1
flash-player-kde4-11.2.202.327-1.64.1
References:
http://support.novell.com/security/cve/CVE-2013-5329.html
http://support.novell.com/security/cve/CVE-2013-5330.html
https://bugzilla.novell.com/850220
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2013:1677-2: important: Security update for Java 6
by opensuse-security@opensuse.org 19 Nov '13
by opensuse-security@opensuse.org 19 Nov '13
19 Nov '13
SUSE Security Update: Security update for Java 6
______________________________________________________________________________
Announcement ID: SUSE-SU-2013:1677-2
Rating: important
References: #849212
Cross-References: CVE-2013-3829 CVE-2013-4041 CVE-2013-5372
CVE-2013-5375 CVE-2013-5456 CVE-2013-5457
CVE-2013-5458 CVE-2013-5772 CVE-2013-5774
CVE-2013-5776 CVE-2013-5778 CVE-2013-5780
CVE-2013-5782 CVE-2013-5783 CVE-2013-5784
CVE-2013-5787 CVE-2013-5788 CVE-2013-5789
CVE-2013-5790 CVE-2013-5797 CVE-2013-5800
CVE-2013-5801 CVE-2013-5802 CVE-2013-5803
CVE-2013-5804 CVE-2013-5809 CVE-2013-5812
CVE-2013-5814 CVE-2013-5817 CVE-2013-5818
CVE-2013-5819 CVE-2013-5820 CVE-2013-5823
CVE-2013-5824 CVE-2013-5825 CVE-2013-5829
CVE-2013-5830 CVE-2013-5831 CVE-2013-5832
CVE-2013-5838 CVE-2013-5840 CVE-2013-5842
CVE-2013-5843 CVE-2013-5848 CVE-2013-5849
CVE-2013-5850 CVE-2013-5851
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP2 for VMware
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP1 LTSS
SUSE Linux Enterprise Server 10 SP4 LTSS
SUSE Linux Enterprise Server 10 SP3 LTSS
SUSE Linux Enterprise Java 11 SP3
SUSE Linux Enterprise Java 11 SP2
______________________________________________________________________________
An update that fixes 47 vulnerabilities is now available.
Description:
IBM Java 6 SR15 has been released which fixes lots of bugs
and security issues.
More information can be found on:
http://www.ibm.com/developerworks/java/jdk/alerts/
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Security Issue references:
* CVE-2013-5458
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5458
>
* CVE-2013-5456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5456
>
* CVE-2013-5457
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5457
>
* CVE-2013-4041
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4041
>
* CVE-2013-5375
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5375
>
* CVE-2013-5372
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5372
>
* CVE-2013-5843
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5843
>
* CVE-2013-5789
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5789
>
* CVE-2013-5830
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5830
>
* CVE-2013-5829
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5829
>
* CVE-2013-5787
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5787
>
* CVE-2013-5788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5788
>
* CVE-2013-5824
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5824
>
* CVE-2013-5842
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5842
>
* CVE-2013-5782
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5782
>
* CVE-2013-5817
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5817
>
* CVE-2013-5809
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5809
>
* CVE-2013-5814
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5814
>
* CVE-2013-5832
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5832
>
* CVE-2013-5850
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5850
>
* CVE-2013-5838
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5838
>
* CVE-2013-5802
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802
>
* CVE-2013-5812
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5812
>
* CVE-2013-5804
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5804
>
* CVE-2013-5783
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5783
>
* CVE-2013-3829
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3829
>
* CVE-2013-5823
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5823
>
* CVE-2013-5831
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5831
>
* CVE-2013-5820
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5820
>
* CVE-2013-5819
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5819
>
* CVE-2013-5818
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5818
>
* CVE-2013-5848
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5848
>
* CVE-2013-5776
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5776
>
* CVE-2013-5774
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5774
>
* CVE-2013-5825
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5825
>
* CVE-2013-5840
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5840
>
* CVE-2013-5801
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5801
>
* CVE-2013-5778
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5778
>
* CVE-2013-5851
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5851
>
* CVE-2013-5800
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5800
>
* CVE-2013-5784
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5784
>
* CVE-2013-5849
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5849
>
* CVE-2013-5790
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5790
>
* CVE-2013-5780
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5780
>
* CVE-2013-5797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5797
>
* CVE-2013-5803
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5803
>
* CVE-2013-5772
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772
>
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP3:
zypper in -t patch sdksp3-java-1_6_0-ibm-8550
- SUSE Linux Enterprise Software Development Kit 11 SP2:
zypper in -t patch sdksp2-java-1_6_0-ibm-8549
- SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-java-1_6_0-ibm-8550
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-java-1_6_0-ibm-8550
- SUSE Linux Enterprise Server 11 SP2 for VMware:
zypper in -t patch slessp2-java-1_6_0-ibm-8549
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp2-java-1_6_0-ibm-8549
- SUSE Linux Enterprise Server 11 SP1 LTSS:
zypper in -t patch slessp1-java-1_6_0-ibm-8557
- SUSE Linux Enterprise Java 11 SP3:
zypper in -t patch slejsp3-java-1_6_0-ibm-8550
- SUSE Linux Enterprise Java 11 SP2:
zypper in -t patch slejsp2-java-1_6_0-ibm-8549
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64):
java-1_6_0-ibm-devel-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64):
java-1_6_0-ibm-devel-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586):
java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP3 (i586 x86_64):
java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP3 (i586):
java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586):
java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (i586 x86_64):
java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (i586):
java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64):
java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 11 SP1 LTSS (i586):
java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.14.1
java-1_6_0-ibm-devel-1.6.0_sr15.0-0.14.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.14.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.14.1
- SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64):
java-1_6_0-ibm-32bit-1.6.0_sr15.0-0.14.1
java-1_6_0-ibm-devel-32bit-1.6.0_sr15.0-0.14.1
- SUSE Linux Enterprise Server 10 SP4 LTSS (i586 x86_64):
java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.14.1
- SUSE Linux Enterprise Server 10 SP4 LTSS (x86_64):
java-1_6_0-ibm-alsa-32bit-1.6.0_sr15.0-0.14.1
java-1_6_0-ibm-plugin-32bit-1.6.0_sr15.0-0.14.1
- SUSE Linux Enterprise Server 10 SP4 LTSS (i586):
java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.14.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.9.9.1
java-1_6_0-ibm-devel-1.6.0_sr15.0-0.9.9.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.9.9.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.9.9.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64):
java-1_6_0-ibm-32bit-1.6.0_sr15.0-0.9.9.1
java-1_6_0-ibm-devel-32bit-1.6.0_sr15.0-0.9.9.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 x86_64):
java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.9.9.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (x86_64):
java-1_6_0-ibm-alsa-32bit-1.6.0_sr15.0-0.9.9.1
java-1_6_0-ibm-plugin-32bit-1.6.0_sr15.0-0.9.9.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (i586):
java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.9.9.1
- SUSE Linux Enterprise Java 11 SP3 (i586 ppc64 s390x x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-devel-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Java 11 SP3 (i586 x86_64):
java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Java 11 SP3 (i586):
java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64):
java-1_6_0-ibm-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-devel-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Java 11 SP2 (i586 x86_64):
java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1
- SUSE Linux Enterprise Java 11 SP2 (i586):
java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.5.1
References:
http://support.novell.com/security/cve/CVE-2013-3829.html
http://support.novell.com/security/cve/CVE-2013-4041.html
http://support.novell.com/security/cve/CVE-2013-5372.html
http://support.novell.com/security/cve/CVE-2013-5375.html
http://support.novell.com/security/cve/CVE-2013-5456.html
http://support.novell.com/security/cve/CVE-2013-5457.html
http://support.novell.com/security/cve/CVE-2013-5458.html
http://support.novell.com/security/cve/CVE-2013-5772.html
http://support.novell.com/security/cve/CVE-2013-5774.html
http://support.novell.com/security/cve/CVE-2013-5776.html
http://support.novell.com/security/cve/CVE-2013-5778.html
http://support.novell.com/security/cve/CVE-2013-5780.html
http://support.novell.com/security/cve/CVE-2013-5782.html
http://support.novell.com/security/cve/CVE-2013-5783.html
http://support.novell.com/security/cve/CVE-2013-5784.html
http://support.novell.com/security/cve/CVE-2013-5787.html
http://support.novell.com/security/cve/CVE-2013-5788.html
http://support.novell.com/security/cve/CVE-2013-5789.html
http://support.novell.com/security/cve/CVE-2013-5790.html
http://support.novell.com/security/cve/CVE-2013-5797.html
http://support.novell.com/security/cve/CVE-2013-5800.html
http://support.novell.com/security/cve/CVE-2013-5801.html
http://support.novell.com/security/cve/CVE-2013-5802.html
http://support.novell.com/security/cve/CVE-2013-5803.html
http://support.novell.com/security/cve/CVE-2013-5804.html
http://support.novell.com/security/cve/CVE-2013-5809.html
http://support.novell.com/security/cve/CVE-2013-5812.html
http://support.novell.com/security/cve/CVE-2013-5814.html
http://support.novell.com/security/cve/CVE-2013-5817.html
http://support.novell.com/security/cve/CVE-2013-5818.html
http://support.novell.com/security/cve/CVE-2013-5819.html
http://support.novell.com/security/cve/CVE-2013-5820.html
http://support.novell.com/security/cve/CVE-2013-5823.html
http://support.novell.com/security/cve/CVE-2013-5824.html
http://support.novell.com/security/cve/CVE-2013-5825.html
http://support.novell.com/security/cve/CVE-2013-5829.html
http://support.novell.com/security/cve/CVE-2013-5830.html
http://support.novell.com/security/cve/CVE-2013-5831.html
http://support.novell.com/security/cve/CVE-2013-5832.html
http://support.novell.com/security/cve/CVE-2013-5838.html
http://support.novell.com/security/cve/CVE-2013-5840.html
http://support.novell.com/security/cve/CVE-2013-5842.html
http://support.novell.com/security/cve/CVE-2013-5843.html
http://support.novell.com/security/cve/CVE-2013-5848.html
http://support.novell.com/security/cve/CVE-2013-5849.html
http://support.novell.com/security/cve/CVE-2013-5850.html
http://support.novell.com/security/cve/CVE-2013-5851.html
https://bugzilla.novell.com/849212
http://download.novell.com/patch/finder/?keywords=17a9db88ef351844a3d8a3520…
http://download.novell.com/patch/finder/?keywords=59cacab82a07026e7b534dd6b…
http://download.novell.com/patch/finder/?keywords=63037b81cb4f45a6e8f55663f…
http://download.novell.com/patch/finder/?keywords=92a6b678be36dd2d8ecf92f74…
http://download.novell.com/patch/finder/?keywords=bfac4cdb47e4e427915042169…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2013:1726-1: important: openssh: security fix for remote code execution with AES-GCM
by opensuse-security@opensuse.org 18 Nov '13
by opensuse-security@opensuse.org 18 Nov '13
18 Nov '13
openSUSE Security Update: openssh: security fix for remote code execution with AES-GCM
______________________________________________________________________________
Announcement ID: openSUSE-SU-2013:1726-1
Rating: important
References: #849536
Cross-References: CVE-2013-4548
Affected Products:
openSUSE 13.1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
openssh was updated to fix a memory corruption when AES-GCM
is used which could lead to remote code execution after
successful authentication. (CVE-2013-4548)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch openSUSE-2013-875
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.1 (i586 x86_64):
openssh-6.2p2-3.4.1
openssh-askpass-gnome-6.2p2-3.4.1
openssh-askpass-gnome-debuginfo-6.2p2-3.4.1
openssh-debuginfo-6.2p2-3.4.1
openssh-debugsource-6.2p2-3.4.1
References:
http://support.novell.com/security/cve/CVE-2013-4548.html
https://bugzilla.novell.com/849536
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0