April 2014 - openSUSE Security Announce

[security-announce] openSUSE-SU-2014:0585-1: critical: update for flash-player
by opensuse-security＠opensuse.org 30 Apr '14

30 Apr '14

openSUSE Security Update: update for flash-player ______________________________________________________________________________ Announcement ID: openSUSE-SU-2014:0585-1 Rating: critical References: #875577 Cross-References: CVE-2014-0515 Affected Products: openSUSE 13.1:NonFree openSUSE 12.3:NonFree ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This flash-player update fixes a critical buffer overflow vulnerability that leads to arbitrary code execution. The flash-player package was updated to version 11.2.202.356. * bnc#875577, APSB14-13, CVE-2014-0515 Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1:NonFree: zypper in -t patch openSUSE-2014-322 - openSUSE 12.3:NonFree: zypper in -t patch openSUSE-2014-322 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1:NonFree (i586 x86_64): flash-player-11.2.202.356-46.1 flash-player-gnome-11.2.202.356-46.1 flash-player-kde4-11.2.202.356-46.1 - openSUSE 12.3:NonFree (i586 x86_64): flash-player-11.2.202.356-2.72.1 flash-player-gnome-11.2.202.356-2.72.1 flash-player-kde4-11.2.202.356-2.72.1 References: http://support.novell.com/security/cve/CVE-2014-0515.html https://bugzilla.novell.com/875577 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2014:0584-1: important: MozillaThunderbird,seamonkey
by opensuse-security＠opensuse.org 30 Apr '14

30 Apr '14

openSUSE Security Update: MozillaThunderbird,seamonkey ______________________________________________________________________________ Announcement ID: openSUSE-SU-2014:0584-1 Rating: important References: #868603 Cross-References: CVE-2014-1493 CVE-2014-1494 CVE-2014-1497 CVE-2014-1498 CVE-2014-1499 CVE-2014-1500 CVE-2014-1502 CVE-2014-1504 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 Affected Products: openSUSE 13.1 openSUSE 12.3 ______________________________________________________________________________ An update that fixes 16 vulnerabilities is now available. Description: Mozilla Thunderbird was updated to 24.4.0. Mozilla SeaMonkey was updated to 2.25. * MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 Miscellaneous memory safety hazards * MFSA 2014-17/CVE-2014-1497 (bmo#966311) Out of bounds read during WAV file decoding * MFSA 2014-18/CVE-2014-1498 (bmo#935618) crypto.generateCRMFRequest does not validate type of key * MFSA 2014-19/CVE-2014-1499 (bmo#961512) Spoofing attack on WebRTC permission prompt * MFSA 2014-20/CVE-2014-1500 (bmo#956524) onbeforeunload and Javascript navigation DOS * MFSA 2014-22/CVE-2014-1502 (bmo#972622) WebGL content injection from one domain to rendering in another * MFSA 2014-23/CVE-2014-1504 (bmo#911547) Content Security Policy for data: documents not preserved by session restore * MFSA 2014-26/CVE-2014-1508 (bmo#963198) Information disclosure through polygon rendering in MathML * MFSA 2014-27/CVE-2014-1509 (bmo#966021) Memory corruption in Cairo during PDF font rendering * MFSA 2014-28/CVE-2014-1505 (bmo#941887) SVG filters information disclosure through feDisplacementMap * MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909) Privilege escalation using WebIDL-implemented APIs * MFSA 2014-30/CVE-2014-1512 (bmo#982957) Use-after-free in TypeObject * MFSA 2014-31/CVE-2014-1513 (bmo#982974) Out-of-bounds read/write through neutering ArrayBuffer objects * MFSA 2014-32/CVE-2014-1514 (bmo#983344) Out-of-bounds write through TypedArrayObject after neutering Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch openSUSE-2014-321 - openSUSE 12.3: zypper in -t patch openSUSE-2014-321 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (i586 x86_64): MozillaThunderbird-24.4.0-70.15.8 MozillaThunderbird-buildsymbols-24.4.0-70.15.8 MozillaThunderbird-debuginfo-24.4.0-70.15.8 MozillaThunderbird-debugsource-24.4.0-70.15.8 MozillaThunderbird-devel-24.4.0-70.15.8 MozillaThunderbird-translations-common-24.4.0-70.15.8 MozillaThunderbird-translations-other-24.4.0-70.15.8 enigmail-1.6.0+24.4.0-70.15.8 enigmail-debuginfo-1.6.0+24.4.0-70.15.8 seamonkey-2.25-16.7 seamonkey-debuginfo-2.25-16.7 seamonkey-debugsource-2.25-16.7 seamonkey-dom-inspector-2.25-16.7 seamonkey-irc-2.25-16.7 seamonkey-translations-common-2.25-16.7 seamonkey-translations-other-2.25-16.7 seamonkey-venkman-2.25-16.7 - openSUSE 12.3 (i586 x86_64): MozillaThunderbird-24.4.0-61.43.5 MozillaThunderbird-buildsymbols-24.4.0-61.43.5 MozillaThunderbird-debuginfo-24.4.0-61.43.5 MozillaThunderbird-debugsource-24.4.0-61.43.5 MozillaThunderbird-devel-24.4.0-61.43.5 MozillaThunderbird-translations-common-24.4.0-61.43.5 MozillaThunderbird-translations-other-24.4.0-61.43.5 enigmail-1.6.0+24.4.0-61.43.5 enigmail-debuginfo-1.6.0+24.4.0-61.43.5 seamonkey-2.25-1.41.5 seamonkey-debuginfo-2.25-1.41.5 seamonkey-debugsource-2.25-1.41.5 seamonkey-dom-inspector-2.25-1.41.5 seamonkey-irc-2.25-1.41.5 seamonkey-translations-common-2.25-1.41.5 seamonkey-translations-other-2.25-1.41.5 seamonkey-venkman-2.25-1.41.5 References: http://support.novell.com/security/cve/CVE-2014-1493.html http://support.novell.com/security/cve/CVE-2014-1494.html http://support.novell.com/security/cve/CVE-2014-1497.html http://support.novell.com/security/cve/CVE-2014-1498.html http://support.novell.com/security/cve/CVE-2014-1499.html http://support.novell.com/security/cve/CVE-2014-1500.html http://support.novell.com/security/cve/CVE-2014-1502.html http://support.novell.com/security/cve/CVE-2014-1504.html http://support.novell.com/security/cve/CVE-2014-1505.html http://support.novell.com/security/cve/CVE-2014-1508.html http://support.novell.com/security/cve/CVE-2014-1509.html http://support.novell.com/security/cve/CVE-2014-1510.html http://support.novell.com/security/cve/CVE-2014-1511.html http://support.novell.com/security/cve/CVE-2014-1512.html http://support.novell.com/security/cve/CVE-2014-1513.html http://support.novell.com/security/cve/CVE-2014-1514.html https://bugzilla.novell.com/868603 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2014:0548-1: important: Security update for jakarta-commons-fileupload
by opensuse-security＠opensuse.org 17 Apr '14

17 Apr '14

SUSE Security Update: Security update for jakarta-commons-fileupload ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0548-1 Rating: important References: #862781 Cross-References: CVE-2014-0050 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes a security issue with jakarta-commons-fileupload: * bnc#862781: denial of service due to too-small buffer size used (CVE-2014-0050) Security Issue reference: * CVE-2014-0050 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 > Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-jakarta-commons-fileupload-9087 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-jakarta-commons-fileupload-9087 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): jakarta-commons-fileupload-1.1.1-1.37.1 jakarta-commons-fileupload-javadoc-1.1.1-1.37.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): jakarta-commons-fileupload-1.1.1-1.37.1 jakarta-commons-fileupload-javadoc-1.1.1-1.37.1 References: http://support.novell.com/security/cve/CVE-2014-0050.html https://bugzilla.novell.com/862781 http://download.suse.com/patch/finder/?keywords=ba380f7e3fc44242f7f8d403bdc… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2014:0537-1: important: Security update for Linux kernel
by opensuse-security＠opensuse.org 17 Apr '14

17 Apr '14

SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0537-1 Rating: important References: #599263 #769035 #769644 #793727 #798050 #805114 #805740 #820434 #823618 #827670 #833968 #844513 #845378 #845621 #846654 #846790 #846984 #847672 #848055 #849364 #849855 #851603 #852153 #852488 #852967 #853052 #853162 #853166 #853455 #854025 #854445 #854516 #855825 #855885 #856848 #857358 #857643 #857919 #858534 #858604 #858831 #859225 #859342 #861093 #862796 #862957 #863178 #863526 #864025 #864058 #864833 #864880 #865342 #865783 #866253 #866428 #870801 Cross-References: CVE-2013-4470 CVE-2013-6368 CVE-2013-6885 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2014-0069 Affected Products: SUSE Linux Enterprise Real Time Extension 11 SP3 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has 50 fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 Service Pack 3 RealTime Extension kernel has been updated to fix various bugs and security issues. ------------------------------------------------------------ ------------ WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500 (revision 0x13), 5520 (revision 0x13) or X58 (revisions 0x12, 0x13, 0x22), please make sure to read the following support document before installing this update: https://www.suse.com/support/kb/doc.php?id=7014344 <https://www.suse.com/support/kb/doc.php?id=7014344> You will have to update your KVM setup to no longer make use of PCI pass-through before rebooting to the updated kernel. ------------------------------------------------------------ ------------ The following security bugs have been fixed: * CVE-2013-4470: The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c. (bnc#847672) * CVE-2013-6368: The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address. (bnc#853052) * CVE-2013-6885: The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service (system hang) via a crafted application, aka the errata 793 issue. (bnc#852967) * CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643) * CVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643) * CVE-2013-7265: The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643) * CVE-2014-0069: The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer. (bnc#864025) Also the following non-security bugs have been fixed: * sched/rt: Fix rqs cpupri leak while enqueue/dequeue child RT entities. * sched/rt: Use root_domain of rt_rq not current processor (bnc#857919). * kernel: oops due to linkage stack instructions (bnc#862796, LTC#103860). * kabi: protect symbols modified by bnc#864833 fix (bnc#864833). * kabi: protect bind_conflict callback in struct inet_connection_sock_af_ops (bnc#823618). * mm: mempolicy: fix mbind_range() && vma_adjust() interaction (VM Functionality (bnc#866428)). * mm: merging memory blocks resets mempolicy (VM Functionality (bnc#866428)). * mm/page-writeback.c: do not count anon pages as dirtyable memory (High memory utilisation performance (bnc#859225)). * mm: vmscan: Do not force reclaim file pages until it exceeds anon (High memory utilisation performance (bnc#859225)). * mm: vmscan: fix endless loop in kswapd balancing (High memory utilisation performance (bnc#859225)). * mm: vmscan: Update rotated and scanned when force reclaimed (High memory utilisation performance (bnc#859225)). * mm: fix return type for functions nr_free_*_pages kabi fixup (bnc#864058). * mm: fix return type for functions nr_free_*_pages (bnc#864058). * mm: swap: Use swapfiles in priority order (Use swap files in priority order (bnc#862957)). * mm: exclude memory less nodes from zone_reclaim (bnc#863526). * mm: reschedule to avoid RCU stall triggering during boot of large machines (bnc#820434,bnc#852153). * arch/x86: Fix incorrect config symbol in #ifdef (bnc#844513). * arch/x86/mm/srat: Skip NUMA_NO_NODE while parsing SLIT (bnc#863178). * vmscan: change type of vm_total_pages to unsigned long (bnc#864058). * crypto: s390 - fix des and des3_ede ctr concurrency issue (bnc#862796, LTC#103744). * crypto: s390 - fix concurrency issue in aes-ctr mode (bnc#862796, LTC#103742). * X.509: Fix certificate gathering (bnc#805114). * dump: Fix dump memory detection (bnc#862796,LTC#103575). * lockd: send correct lock when granting a delayed lock (bnc#859342). * nohz: Check for nohz active instead of nohz enabled (bnc#846790). * nohz: Fix another inconsistency between CONFIG_NO_HZ=n and nohz=off (bnc#846790). * futex: move user address verification up to common code (bnc#851603). * futexes: Clean up various details (bnc#851603). * futexes: Increase hash table size for better performance (bnc#851603). * futexes: Document multiprocessor ordering guarantees (bnc#851603). * futexes: Avoid taking the hb->lock if there is nothing to wake up (bnc#851603). * efifb: prevent null-deref when iterating dmi_list (bnc#848055). * x86/PCI: reduce severity of host bridge window conflict warnings (bnc#858534). * x86/dumpstack: Fix printk_address for direct addresses (bnc#845621). * ipv6 routing, NLM_F_* flag support: REPLACE and EXCL flags support, warn about missing CREATE flag (bnc#865783). * ipv6: send router reachability probe if route has an unreachable gateway (bnc#853162). * inet: handle rt{,6}_bind_peer() failure correctly (bnc#870801). * inet: Avoid potential NULL peer dereference (bnc#864833). * inet: Hide route peer accesses behind helpers (bnc#864833). * inet: Pass inetpeer root into inet_getpeer*() interfaces (bnc#864833). * tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968). * tcp: syncookies: reduce mss table to four values (bnc#833968). * tcp: bind() fix autoselection to share ports (bnc#823618). * tcp: bind() use stronger condition for bind_conflict (bnc#823618). * tcp: ipv6: bind() use stronger condition for bind_conflict (bnc#823618). * net: change type of virtio_chan->p9_max_pages (bnc#864058). * sctp: Implement quick failover draft from tsvwg (bnc#827670). * ipvs: fix AF assignment in ip_vs_conn_new() (bnc#856848). * net: Do not enable tx-nocache-copy by default (bnc#845378). * macvlan: introduce IFF_MACVLAN flag and helper function (bnc#846984). * macvlan: introduce macvlan_dev_real_dev() helper function (bnc#846984). * macvlan: disable LRO on lower device instead of macvlan (bnc#846984). * dlm: remove get_comm (bnc#827670). * dlm: Avoid LVB truncation (bnc#827670). * dlm: disable nagle for SCTP (bnc#827670). * dlm: retry failed SCTP sends (bnc#827670). * dlm: try other IPs when sctp init assoc fails (bnc#827670). * dlm: clear correct bit during sctp init failure handling (bnc#827670). * dlm: set sctp assoc id during setup (bnc#827670). * dlm: clear correct init bit during sctp setup (bnc#827670). * dlm: fix deadlock between dlm_send and dlm_controld (bnc#827670). * dlm: fix return value from lockspace_busy() (bnc#827670). * NFSD/sunrpc: avoid deadlock on TCP connection due to memory pressure (bnc#853455). * ncpfs: fix rmdir returns Device or resource busy (bnc#864880). * btrfs: bugfix collection * fs/fs-cache: Handle removal of unadded object to the fscache_object_list rb tree (bnc#855885). * fs/nfsd: change type of max_delegations, nfsd_drc_max_mem and nfsd_drc_mem_used (bnc#864058). * fs/nfs: Avoid occasional hang with NFS (bnc#852488). * fs/buffer.c: change type of max_buffer_heads to unsigned long (bnc#864058). * dm-multipath: abort all requests when failing a path (bnc#798050). * dm-multipath: Do not stall on invalid ioctls (bnc#865342). * scsi: kABI fixes (bnc#798050). * scsi: remove check for "resetting" (bnc#798050). * scsi: Add "eh_deadline" to limit SCSI EH runtime (bnc#798050). * scsi: Allow error handling timeout to be specified (bnc#798050). * scsi: Fixup compilation warning (bnc#798050). * scsi: Retry failfast commands after EH (bnc#798050). * scsi: Warn on invalid command completion (bnc#798050). * scsi: cleanup setting task state in scsi_error_handler() (bnc#798050). * scsi_dh_alua: fixup misplaced brace in alua_initialize() (bnc#858831). * scsi_dh_alua: fixup RTPG retry delay miscalculation (bnc#854025). * scsi_dh_alua: Simplify state machine (bnc#854025). * scsi_dh_alua: endless STPG retries for a failed LUN (bnc#865342). * scsi_dh_rdac: Add new IBM 1813 product id to rdac devlist (bnc#846654). * xhci: Fix resume issues on Renesas chips in Samsung laptops (bnc#866253). * bonding: disallow enslaving a bond to itself (bnc#599263). * net/mlx4_en: Fix pages never dma unmapped on rx (bnc#858604). * USB: hub: handle -ETIMEDOUT during enumeration (bnc#855825). * powerpc: Add VDSO version of getcpu (fate#316816, bnc#854445). * privcmd: allow preempting long running user-mode originating hypercalls (bnc#861093). * audit: dynamically allocate audit_names when not enough space is in the names array (bnc#857358). * audit: make filetype matching consistent with other filters (bnc#857358). * mpt2sas: Fix unsafe using smp_processor_id() in preemptible (bnc#853166). * balloon: do not crash in HVM-with-PoD guests. * hwmon: (coretemp) Fix truncated name of alarm attributes. * rtc-cmos: Add an alarm disable quirk (bnc#805740). * md: Change handling of save_raid_disk and metadata update during recovery (bnc#849364). * s390: Avoid kabi change due to newly visible structures. * s390/pci: remove PCI/MSI interruption class (FATE#83037, LTC#94737). * advansys: Remove "last_reset" references (bnc#798050). * dc395: Move "last_reset" into internal host structure (bnc#798050). * dpt_i2o: Remove DPTI_STATE_IOCTL (bnc#798050). * dpt_i2o: return SCSI_MLQUEUE_HOST_BUSY when in reset (bnc#798050). * tmscsim: Move "last_reset" into host structure (bnc#798050). * bnx2x: remove false warning regarding interrupt number (bnc#769035). * block: factor out vector mergeable decision to a helper function (bnc#769644). * block: modify __bio_add_page check to accept pages that do not start a new segment (bnc#769644). * HID: multitouch: Add support for NextWindow 0340 touchscreen (bnc#849855). * HID: multitouch: Add support for Qaunta 3027 touchscreen (bnc#854516). * HID: multitouch: add support for Atmel 212c touchscreen (bnc#793727). * HID: multitouch: partial support of win8 devices (bnc#854516,bnc#793727,bnc#849855). * HID: hid-multitouch: add support for the IDEACOM 6650 chip (bnc#854516,bnc#793727,bnc#849855). Security Issue references: * CVE-2013-4470 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4470 > * CVE-2013-6368 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6368 > * CVE-2013-6885 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885 > * CVE-2013-7263 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263 > * CVE-2013-7264 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7264 > * CVE-2013-7265 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7265 > * CVE-2014-0069 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0069 > Indications: Everyone using the Real Time Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 11 SP3: zypper in -t patch slertesp3-kernel-9114 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time Extension 11 SP3 (x86_64) [New Version: 3.0.101.rt130]: cluster-network-kmp-rt-1.4_3.0.101_rt130_0.14-2.27.55 cluster-network-kmp-rt_trace-1.4_3.0.101_rt130_0.14-2.27.55 drbd-kmp-rt-8.4.4_3.0.101_rt130_0.14-0.22.21 drbd-kmp-rt_trace-8.4.4_3.0.101_rt130_0.14-0.22.21 iscsitarget-kmp-rt-1.4.20_3.0.101_rt130_0.14-0.38.40 iscsitarget-kmp-rt_trace-1.4.20_3.0.101_rt130_0.14-0.38.40 kernel-rt-3.0.101.rt130-0.14.1 kernel-rt-base-3.0.101.rt130-0.14.1 kernel-rt-devel-3.0.101.rt130-0.14.1 kernel-rt_trace-3.0.101.rt130-0.14.1 kernel-rt_trace-base-3.0.101.rt130-0.14.1 kernel-rt_trace-devel-3.0.101.rt130-0.14.1 kernel-source-rt-3.0.101.rt130-0.14.1 kernel-syms-rt-3.0.101.rt130-0.14.1 lttng-modules-kmp-rt-2.1.1_3.0.101_rt130_0.14-0.11.36 lttng-modules-kmp-rt_trace-2.1.1_3.0.101_rt130_0.14-0.11.36 ocfs2-kmp-rt-1.6_3.0.101_rt130_0.14-0.20.55 ocfs2-kmp-rt_trace-1.6_3.0.101_rt130_0.14-0.20.55 ofed-kmp-rt-1.5.4.1_3.0.101_rt130_0.14-0.13.46 ofed-kmp-rt_trace-1.5.4.1_3.0.101_rt130_0.14-0.13.46 References: http://support.novell.com/security/cve/CVE-2013-4470.html http://support.novell.com/security/cve/CVE-2013-6368.html http://support.novell.com/security/cve/CVE-2013-6885.html http://support.novell.com/security/cve/CVE-2013-7263.html http://support.novell.com/security/cve/CVE-2013-7264.html http://support.novell.com/security/cve/CVE-2013-7265.html http://support.novell.com/security/cve/CVE-2014-0069.html https://bugzilla.novell.com/599263 https://bugzilla.novell.com/769035 https://bugzilla.novell.com/769644 https://bugzilla.novell.com/793727 https://bugzilla.novell.com/798050 https://bugzilla.novell.com/805114 https://bugzilla.novell.com/805740 https://bugzilla.novell.com/820434 https://bugzilla.novell.com/823618 https://bugzilla.novell.com/827670 https://bugzilla.novell.com/833968 https://bugzilla.novell.com/844513 https://bugzilla.novell.com/845378 https://bugzilla.novell.com/845621 https://bugzilla.novell.com/846654 https://bugzilla.novell.com/846790 https://bugzilla.novell.com/846984 https://bugzilla.novell.com/847672 https://bugzilla.novell.com/848055 https://bugzilla.novell.com/849364 https://bugzilla.novell.com/849855 https://bugzilla.novell.com/851603 https://bugzilla.novell.com/852153 https://bugzilla.novell.com/852488 https://bugzilla.novell.com/852967 https://bugzilla.novell.com/853052 https://bugzilla.novell.com/853162 https://bugzilla.novell.com/853166 https://bugzilla.novell.com/853455 https://bugzilla.novell.com/854025 https://bugzilla.novell.com/854445 https://bugzilla.novell.com/854516 https://bugzilla.novell.com/855825 https://bugzilla.novell.com/855885 https://bugzilla.novell.com/856848 https://bugzilla.novell.com/857358 https://bugzilla.novell.com/857643 https://bugzilla.novell.com/857919 https://bugzilla.novell.com/858534 https://bugzilla.novell.com/858604 https://bugzilla.novell.com/858831 https://bugzilla.novell.com/859225 https://bugzilla.novell.com/859342 https://bugzilla.novell.com/861093 https://bugzilla.novell.com/862796 https://bugzilla.novell.com/862957 https://bugzilla.novell.com/863178 https://bugzilla.novell.com/863526 https://bugzilla.novell.com/864025 https://bugzilla.novell.com/864058 https://bugzilla.novell.com/864833 https://bugzilla.novell.com/864880 https://bugzilla.novell.com/865342 https://bugzilla.novell.com/865783 https://bugzilla.novell.com/866253 https://bugzilla.novell.com/866428 https://bugzilla.novell.com/870801 http://download.suse.com/patch/finder/?keywords=8d7793c0cc8432bc1d41b3b09ab… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2014:0536-1: important: Security update for Linux kernel
by opensuse-security＠opensuse.org 16 Apr '14

16 Apr '14

SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0536-1 Rating: important References: #702014 #703156 #790920 #798050 #805226 #806219 #808827 #809889 #809891 #809892 #809893 #809894 #809898 #809899 #809900 #809901 #809903 #811354 #816668 #820338 #822722 #823267 #824295 #825052 #826102 #826551 #827362 #827749 #827750 #827855 #827983 #828119 #830344 #831058 #832603 #835839 #842239 #843430 #845028 #847672 #848321 #849765 #850241 #851095 #852558 #853501 #857597 #858869 #858870 #858872 Cross-References: CVE-2011-2492 CVE-2011-2494 CVE-2012-6537 CVE-2012-6539 CVE-2012-6540 CVE-2012-6541 CVE-2012-6542 CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2012-6547 CVE-2012-6549 CVE-2013-0343 CVE-2013-0914 CVE-2013-1827 CVE-2013-2141 CVE-2013-2164 CVE-2013-2206 CVE-2013-2232 CVE-2013-2234 CVE-2013-2237 CVE-2013-2888 CVE-2013-2893 CVE-2013-2897 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3228 CVE-2013-3229 CVE-2013-3231 CVE-2013-3232 CVE-2013-3234 CVE-2013-3235 CVE-2013-4162 CVE-2013-4387 CVE-2013-4470 CVE-2013-4483 CVE-2013-4588 CVE-2013-6383 CVE-2014-1444 CVE-2014-1445 CVE-2014-1446 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that solves 42 vulnerabilities and has 8 fixes is now available. Description: The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs. The following security issues have been addressed: * CVE-2011-2492: The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c. (bnc#702014) * CVE-2011-2494: kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password. (bnc#703156) * CVE-2012-6537: net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. (bnc#809889) * CVE-2012-6539: The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (bnc#809891) * CVE-2012-6540: The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (bnc#809892) * CVE-2012-6541: The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (bnc#809893) * CVE-2012-6542: The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument. (bnc#809894) * CVE-2012-6544: The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation. (bnc#809898) * CVE-2012-6545: The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. (bnc#809899) * CVE-2012-6546: The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (bnc#809900) * CVE-2012-6547: The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (bnc#809901) * CVE-2012-6549: The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. (bnc#809903) * CVE-2013-0343: The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages. (bnc#805226) * CVE-2013-0914: The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call. (bnc#808827) * CVE-2013-1827: net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsockopt call. (bnc#811354) * CVE-2013-2141: The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call. (bnc#823267) * CVE-2013-2164: The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive. (bnc#824295) * CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic. (bnc#826102) * CVE-2013-2232: The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface. (bnc#827750) * CVE-2013-2234: The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket. (bnc#827749) * CVE-2013-2237: The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket. (bnc#828119) * CVE-2013-2888: Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID. (bnc#835839) * CVE-2013-2893: The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c. (bnc#835839) * CVE-2013-2897: Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device. (bnc#835839) * CVE-2013-3222: The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (bnc#816668) * CVE-2013-3223: The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (bnc#816668) * CVE-2013-3224: The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (bnc#816668) * CVE-2013-3228: The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (bnc#816668) * CVE-2013-3229: The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (bnc#816668) * CVE-2013-3231: The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (bnc#816668) * CVE-2013-3232: The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (bnc#816668) * CVE-2013-3234: The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (bnc#816668) * CVE-2013-3235: net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (bnc#816668) * CVE-2013-4162: The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. (bnc#831058) * CVE-2013-4387: net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet. (bnc#843430) * CVE-2013-4470: The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c. (bnc#847672) * CVE-2013-4483: The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or system crash) via a crafted application. (bnc#848321) * CVE-2013-4588: Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function. (bnc#851095) * CVE-2013-6383: The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call. (bnc#852558) * CVE-2014-1444: The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call. (bnc#858869) * CVE-2014-1445: The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call. (bnc#858870) * CVE-2014-1446: The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call. (bnc#858872) Also the following non-security bugs have been fixed: * kernel: Remove newline from execve audit log (bnc#827855). * kernel: sclp console hangs (bnc#830344, LTC#95711). * kernel: fix flush_tlb_kernel_range (bnc#825052, LTC#94745). * kernel: lost IPIs on CPU hotplug (bnc#825052, LTC#94784). * sctp: deal with multiple COOKIE_ECHO chunks (bnc#826102). * net: Uninline kfree_skb and allow NULL argument (bnc#853501). * netback: don't disconnect frontend when seeing oversize packet. * netfront: reduce gso_max_size to account for max TCP header. * fs/dcache: Avoid race in d_splice_alias and vfs_rmdir (bnc#845028). * fs/proc: proc_task_lookup() fix memory pinning (bnc#827362 bnc#849765). * blkdev_max_block: make private to fs/buffer.c (bnc#820338). * vfs: avoid "attempt to access beyond end of device" warnings (bnc#820338). * vfs: fix O_DIRECT read past end of block device (bnc#820338). * cifs: don't use CIFSGetSrvInodeNumber in is_path_accessible (bnc#832603). * xfs: Fix kABI breakage caused by AIL list transformation (bnc#806219). * xfs: Replace custom AIL linked-list code with struct list_head (bnc#806219). * reiserfs: fix problems with chowning setuid file w/ xattrs (bnc#790920). * reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry (bnc#822722). * jbd: Fix forever sleeping process in do_get_write_access() (bnc#827983). * HID: check for NULL field when setting values (bnc#835839). * HID: provide a helper for validating hid reports (bnc#835839). * bcm43xx: netlink deadlock fix (bnc#850241). * bnx2: Close device if tx_timeout reset fails (bnc#857597). * xfrm: invalidate dst on policy insertion/deletion (bnc#842239). * xfrm: prevent ipcomp scratch buffer race condition (bnc#842239). * lpfc: Update to 8.2.0.106 (bnc#798050). * Make lpfc task management timeout configurable (bnc#798050). * dpt_i2o: Remove DPTI_STATE_IOCTL (bnc#798050). * dpt_i2o: return SCSI_MLQUEUE_HOST_BUSY when in reset (bnc#798050). * advansys: Remove 'last_reset' references (bnc#798050). * tmscsim: Move 'last_reset' into host structure (bnc#798050). * dc395: Move 'last_reset' into internal host structure (bnc#798050). * scsi: remove check for 'resetting' (bnc#798050). * scsi: Allow error handling timeout to be specified (bnc#798050). * scsi: Eliminate error handler overload of the SCSI serial number (bnc#798050). * scsi: Reduce sequential pointer derefs in scsi_error.c and reduce size as well (bnc#798050). * scsi: Reduce error recovery time by reducing use of TURs (bnc#798050). * scsi: fix eh wakeup (scsi_schedule_eh vs scsi_restart_operations) * scsi: cleanup setting task state in scsi_error_handler() (bnc#798050). * scsi: Add 'eh_deadline' to limit SCSI EH runtime (bnc#798050). * scsi: Fixup compilation warning (bnc#798050). * scsi: fc class: fix scanning when devs are offline (bnc#798050). * scsi: Warn on invalid command completion (bnc#798050). * scsi: Retry failfast commands after EH (bnc#798050). * scsi: kABI fixes (bnc#798050). Security Issue references: * CVE-2011-2492 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492 > * CVE-2011-2494 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2494 > * CVE-2012-6537 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6537 > * CVE-2012-6539 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6539 > * CVE-2012-6540 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6540 > * CVE-2012-6541 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6541 > * CVE-2012-6542 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6542 > * CVE-2012-6544 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6544 > * CVE-2012-6545 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6545 > * CVE-2012-6546 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6546 > * CVE-2012-6547 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6547 > * CVE-2012-6549 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6549 > * CVE-2013-0343 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0343 > * CVE-2013-0914 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0914 > * CVE-2013-1827 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1827 > * CVE-2013-2141 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2141 > * CVE-2013-2164 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2164 > * CVE-2013-2206 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206 > * CVE-2013-2232 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2232 > * CVE-2013-2234 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2234 > * CVE-2013-2237 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2237 > * CVE-2013-2888 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2888 > * CVE-2013-2893 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893 > * CVE-2013-2897 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897 > * CVE-2013-3222 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3222 > * CVE-2013-3223 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3223 > * CVE-2013-3224 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3224 > * CVE-2013-3228 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3228 > * CVE-2013-3229 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3229 > * CVE-2013-3231 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3231 > * CVE-2013-3232 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3232 > * CVE-2013-3234 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3234 > * CVE-2013-3235 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3235 > * CVE-2013-4162 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4162 > * CVE-2013-4387 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4387 > * CVE-2013-4470 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4470 > * CVE-2013-4483 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4483 > * CVE-2013-4588 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4588 > * CVE-2013-6383 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6383 > * CVE-2014-1444 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1444 > * CVE-2014-1445 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1445 > * CVE-2014-1446 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1446 > Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64): kernel-default-2.6.16.60-0.105.1 kernel-source-2.6.16.60-0.105.1 kernel-syms-2.6.16.60-0.105.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 x86_64): kernel-debug-2.6.16.60-0.105.1 kernel-kdump-2.6.16.60-0.105.1 kernel-smp-2.6.16.60-0.105.1 kernel-xen-2.6.16.60-0.105.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586): kernel-bigsmp-2.6.16.60-0.105.1 kernel-kdumppae-2.6.16.60-0.105.1 kernel-vmi-2.6.16.60-0.105.1 kernel-vmipae-2.6.16.60-0.105.1 kernel-xenpae-2.6.16.60-0.105.1 References: http://support.novell.com/security/cve/CVE-2011-2492.html http://support.novell.com/security/cve/CVE-2011-2494.html http://support.novell.com/security/cve/CVE-2012-6537.html http://support.novell.com/security/cve/CVE-2012-6539.html http://support.novell.com/security/cve/CVE-2012-6540.html http://support.novell.com/security/cve/CVE-2012-6541.html http://support.novell.com/security/cve/CVE-2012-6542.html http://support.novell.com/security/cve/CVE-2012-6544.html http://support.novell.com/security/cve/CVE-2012-6545.html http://support.novell.com/security/cve/CVE-2012-6546.html http://support.novell.com/security/cve/CVE-2012-6547.html http://support.novell.com/security/cve/CVE-2012-6549.html http://support.novell.com/security/cve/CVE-2013-0343.html http://support.novell.com/security/cve/CVE-2013-0914.html http://support.novell.com/security/cve/CVE-2013-1827.html http://support.novell.com/security/cve/CVE-2013-2141.html http://support.novell.com/security/cve/CVE-2013-2164.html http://support.novell.com/security/cve/CVE-2013-2206.html http://support.novell.com/security/cve/CVE-2013-2232.html http://support.novell.com/security/cve/CVE-2013-2234.html http://support.novell.com/security/cve/CVE-2013-2237.html http://support.novell.com/security/cve/CVE-2013-2888.html http://support.novell.com/security/cve/CVE-2013-2893.html http://support.novell.com/security/cve/CVE-2013-2897.html http://support.novell.com/security/cve/CVE-2013-3222.html http://support.novell.com/security/cve/CVE-2013-3223.html http://support.novell.com/security/cve/CVE-2013-3224.html http://support.novell.com/security/cve/CVE-2013-3228.html http://support.novell.com/security/cve/CVE-2013-3229.html http://support.novell.com/security/cve/CVE-2013-3231.html http://support.novell.com/security/cve/CVE-2013-3232.html http://support.novell.com/security/cve/CVE-2013-3234.html http://support.novell.com/security/cve/CVE-2013-3235.html http://support.novell.com/security/cve/CVE-2013-4162.html http://support.novell.com/security/cve/CVE-2013-4387.html http://support.novell.com/security/cve/CVE-2013-4470.html http://support.novell.com/security/cve/CVE-2013-4483.html http://support.novell.com/security/cve/CVE-2013-4588.html http://support.novell.com/security/cve/CVE-2013-6383.html http://support.novell.com/security/cve/CVE-2014-1444.html http://support.novell.com/security/cve/CVE-2014-1445.html http://support.novell.com/security/cve/CVE-2014-1446.html https://bugzilla.novell.com/702014 https://bugzilla.novell.com/703156 https://bugzilla.novell.com/790920 https://bugzilla.novell.com/798050 https://bugzilla.novell.com/805226 https://bugzilla.novell.com/806219 https://bugzilla.novell.com/808827 https://bugzilla.novell.com/809889 https://bugzilla.novell.com/809891 https://bugzilla.novell.com/809892 https://bugzilla.novell.com/809893 https://bugzilla.novell.com/809894 https://bugzilla.novell.com/809898 https://bugzilla.novell.com/809899 https://bugzilla.novell.com/809900 https://bugzilla.novell.com/809901 https://bugzilla.novell.com/809903 https://bugzilla.novell.com/811354 https://bugzilla.novell.com/816668 https://bugzilla.novell.com/820338 https://bugzilla.novell.com/822722 https://bugzilla.novell.com/823267 https://bugzilla.novell.com/824295 https://bugzilla.novell.com/825052 https://bugzilla.novell.com/826102 https://bugzilla.novell.com/826551 https://bugzilla.novell.com/827362 https://bugzilla.novell.com/827749 https://bugzilla.novell.com/827750 https://bugzilla.novell.com/827855 https://bugzilla.novell.com/827983 https://bugzilla.novell.com/828119 https://bugzilla.novell.com/830344 https://bugzilla.novell.com/831058 https://bugzilla.novell.com/832603 https://bugzilla.novell.com/835839 https://bugzilla.novell.com/842239 https://bugzilla.novell.com/843430 https://bugzilla.novell.com/845028 https://bugzilla.novell.com/847672 https://bugzilla.novell.com/848321 https://bugzilla.novell.com/849765 https://bugzilla.novell.com/850241 https://bugzilla.novell.com/851095 https://bugzilla.novell.com/852558 https://bugzilla.novell.com/853501 https://bugzilla.novell.com/857597 https://bugzilla.novell.com/858869 https://bugzilla.novell.com/858870 https://bugzilla.novell.com/858872 http://download.suse.com/patch/finder/?keywords=bd99d2fcd47fefd9c76757c1e9e… http://download.suse.com/patch/finder/?keywords=d046a694b83b003f9bb6b21b6c0… http://download.suse.com/patch/finder/?keywords=e59a3c9997ba1bed5bbf01d34d3… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2014:0535-1: important: Security update for flash-player
by opensuse-security＠opensuse.org 16 Apr '14

16 Apr '14

SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0535-1 Rating: important References: #872692 Cross-References: CVE-2014-0506 CVE-2014-0507 CVE-2014-0508 CVE-2014-0509 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. It includes one version update. Description: Adobe flash-player has been updated to version 11.2.202.350 to resolve security issues and bugs. More information can be found at http://helpx.adobe.com/security/products/flash-player/apsb14 -09.html <http://helpx.adobe.com/security/products/flash-player/apsb1 4-09.html> The following security issues have been fixed: * a use-after-free vulnerability that could have resulted in arbitrary code execution (CVE-2014-0506). * a buffer overflow vulnerability that could have resulted in arbitrary code execution (CVE-2014-0507). * a security bypass vulnerability that could have lead to information disclosure (CVE-2014-0508). * a cross-site-scripting vulnerability (CVE-2014-0509). Security Issue references: * CVE-2014-0506 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0506 > * CVE-2014-0507 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0507 > * CVE-2014-0508 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0508 > * CVE-2014-0509 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0509 > Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player-9120 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.350]: flash-player-11.2.202.350-0.3.1 flash-player-gnome-11.2.202.350-0.3.1 flash-player-kde4-11.2.202.350-0.3.1 References: http://support.novell.com/security/cve/CVE-2014-0506.html http://support.novell.com/security/cve/CVE-2014-0507.html http://support.novell.com/security/cve/CVE-2014-0508.html http://support.novell.com/security/cve/CVE-2014-0509.html https://bugzilla.novell.com/872692 http://download.suse.com/patch/finder/?keywords=f2e86f8ff4aea106f143b9f7f58… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2014:0531-1: important: Security update for Linux kernel
by opensuse-security＠opensuse.org 15 Apr '14

15 Apr '14

SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0531-1 Rating: important References: #599263 #827670 #833968 #844513 #846790 #847672 #852488 #852967 #853162 #853166 #853455 #854025 #854445 #855825 #856848 #857358 #857643 #858604 #859225 #859342 #861093 #862796 #862957 #863178 #863526 #864025 #864058 #864833 #864880 #865342 #865783 #866253 #866428 #870801 Cross-References: CVE-2013-4470 CVE-2013-6885 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2014-0069 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise High Availability Extension 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves 6 vulnerabilities and has 28 fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. ------------------------------------------------------------ ------------ WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500 (revision 0x13), 5520 (revision 0x13) or X58 (revisions 0x12, 0x13, 0x22), please make sure to read the following support document before installing this update: https://www.suse.com/support/kb/doc.php?id=7014344 <https://www.suse.com/support/kb/doc.php?id=7014344> You will have to update your KVM setup to no longer make use of PCI pass-through before rebooting to the updated kernel. ------------------------------------------------------------ ------------ The following security bugs have been fixed: * CVE-2013-4470: The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c. (bnc#847672) * CVE-2013-6885: The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service (system hang) via a crafted application, aka the errata 793 issue. (bnc#852967) * CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643) * CVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643) * CVE-2013-7265: The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643) * CVE-2014-0069: The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer. (bnc#864025) Also the following non-security bugs have been fixed: * kabi: protect symbols modified by bnc#864833 fix (bnc#864833). * mm: mempolicy: fix mbind_range() && vma_adjust() interaction (VM Functionality (bnc#866428)). * mm: merging memory blocks resets mempolicy (VM Functionality (bnc#866428)). * mm/page-writeback.c: do not count anon pages as dirtyable memory (High memory utilisation performance (bnc#859225)). * mm: vmscan: Do not force reclaim file pages until it exceeds anon (High memory utilisation performance (bnc#859225)). * mm: vmscan: fix endless loop in kswapd balancing (High memory utilisation performance (bnc#859225)). * mm: vmscan: Update rotated and scanned when force reclaimed (High memory utilisation performance (bnc#859225)). * mm: exclude memory less nodes from zone_reclaim (bnc#863526). * mm: fix return type for functions nr_free_*_pages kabi fixup (bnc#864058). * mm: fix return type for functions nr_free_*_pages (bnc#864058). * mm: swap: Use swapfiles in priority order (Use swap files in priority order (bnc#862957)). * x86: Save cr2 in NMI in case NMIs take a page fault (follow-up for patches.fixes/x86-Add-workaround-to-NMI-iret-woes.patch). * powerpc: Add VDSO version of getcpu (fate#316816, bnc#854445). * vmscan: change type of vm_total_pages to unsigned long (bnc#864058). * audit: dynamically allocate audit_names when not enough space is in the names array (bnc#857358). * audit: make filetype matching consistent with other filters (bnc#857358). * arch/x86/mm/srat: Skip NUMA_NO_NODE while parsing SLIT (bnc#863178). * hwmon: (coretemp) Fix truncated name of alarm attributes. * privcmd: allow preempting long running user-mode originating hypercalls (bnc#861093). * nohz: Check for nohz active instead of nohz enabled (bnc#846790). * nohz: Fix another inconsistency between CONFIG_NO_HZ=n and nohz=off (bnc#846790). * iommu/vt-d: add quirk for broken interrupt remapping on 55XX chipsets (bnc#844513) * balloon: do not crash in HVM-with-PoD guests. * crypto: s390 - fix des and des3_ede ctr concurrency issue (bnc#862796, LTC#103744). * crypto: s390 - fix des and des3_ede cbc concurrency issue (bnc#862796, LTC#103743). * kernel: oops due to linkage stack instructions (bnc#862796, LTC#103860). * crypto: s390 - fix concurrency issue in aes-ctr mode (bnc#862796, LTC#103742). * dump: Fix dump memory detection (bnc#862796,LTC#103575). * net: change type of virtio_chan->p9_max_pages (bnc#864058). * inet: handle rt{,6}_bind_peer() failure correctly (bnc#870801). * inet: Avoid potential NULL peer dereference (bnc#864833). * inet: Hide route peer accesses behind helpers (bnc#864833). * inet: Pass inetpeer root into inet_getpeer*() interfaces (bnc#864833). * tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968). * tcp: syncookies: reduce mss table to four values (bnc#833968). * ipv6 routing, NLM_F_* flag support: REPLACE and EXCL flags support, warn about missing CREATE flag (bnc#865783). * ipv6: send router reachability probe if route has an unreachable gateway (bnc#853162). * sctp: Implement quick failover draft from tsvwg (bnc#827670). * ipvs: fix AF assignment in ip_vs_conn_new() (bnc#856848). * NFSD/sunrpc: avoid deadlock on TCP connection due to memory pressure (bnc#853455). * btrfs: bugfix collection * fs/nfsd: change type of max_delegations, nfsd_drc_max_mem and nfsd_drc_mem_used (bnc#864058). * fs/buffer.c: change type of max_buffer_heads to unsigned long (bnc#864058). * ncpfs: fix rmdir returns Device or resource busy (bnc#864880). * scsi_dh_alua: fixup RTPG retry delay miscalculation (bnc#854025). * scsi_dh_alua: Simplify state machine (bnc#854025). * xhci: Fix resume issues on Renesas chips in Samsung laptops (bnc#866253). * bonding: disallow enslaving a bond to itself (bnc#599263). * USB: hub: handle -ETIMEDOUT during enumeration (bnc#855825). * dm-multipath: Do not stall on invalid ioctls (bnc#865342). * scsi_dh_alua: endless STPG retries for a failed LUN (bnc#865342). * net/mlx4_en: Fix pages never dma unmapped on rx (bnc#858604). * dlm: remove get_comm (bnc#827670). * dlm: Avoid LVB truncation (bnc#827670). * dlm: disable nagle for SCTP (bnc#827670). * dlm: retry failed SCTP sends (bnc#827670). * dlm: try other IPs when sctp init assoc fails (bnc#827670). * dlm: clear correct bit during sctp init failure handling (bnc#827670). * dlm: set sctp assoc id during setup (bnc#827670). * dlm: clear correct init bit during sctp setup (bnc#827670). * dlm: fix deadlock between dlm_send and dlm_controld (bnc#827670). * dlm: Fix return value from lockspace_busy() (bnc#827670). * Avoid occasional hang with NFS (bnc#852488). * mpt2sas: Fix unsafe using smp_processor_id() in preemptible (bnc#853166). * lockd: send correct lock when granting a delayed lock (bnc#859342). Security Issue references: * CVE-2013-4470 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4470 > * CVE-2013-6885 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885 > * CVE-2013-7263 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263 > * CVE-2013-7264 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7264 > * CVE-2013-7265 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7265 > * CVE-2014-0069 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0069 > Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-kernel-9102 slessp3-kernel-9105 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kernel-9102 slessp3-kernel-9103 slessp3-kernel-9104 slessp3-kernel-9105 slessp3-kernel-9113 - SUSE Linux Enterprise High Availability Extension 11 SP3: zypper in -t patch slehasp3-kernel-9102 slehasp3-kernel-9103 slehasp3-kernel-9104 slehasp3-kernel-9105 slehasp3-kernel-9113 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kernel-9102 sledsp3-kernel-9105 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 3.0.101]: kernel-default-3.0.101-0.21.1 kernel-default-base-3.0.101-0.21.1 kernel-default-devel-3.0.101-0.21.1 kernel-source-3.0.101-0.21.1 kernel-syms-3.0.101-0.21.1 kernel-trace-3.0.101-0.21.1 kernel-trace-base-3.0.101-0.21.1 kernel-trace-devel-3.0.101-0.21.1 kernel-xen-devel-3.0.101-0.21.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586) [New Version: 3.0.101]: kernel-pae-3.0.101-0.21.1 kernel-pae-base-3.0.101-0.21.1 kernel-pae-devel-3.0.101-0.21.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.101]: kernel-default-3.0.101-0.21.1 kernel-default-base-3.0.101-0.21.1 kernel-default-devel-3.0.101-0.21.1 kernel-source-3.0.101-0.21.1 kernel-syms-3.0.101-0.21.1 kernel-trace-3.0.101-0.21.1 kernel-trace-base-3.0.101-0.21.1 kernel-trace-devel-3.0.101-0.21.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64) [New Version: 3.0.101]: kernel-ec2-3.0.101-0.21.1 kernel-ec2-base-3.0.101-0.21.1 kernel-ec2-devel-3.0.101-0.21.1 kernel-xen-3.0.101-0.21.1 kernel-xen-base-3.0.101-0.21.1 kernel-xen-devel-3.0.101-0.21.1 xen-kmp-default-4.2.4_02_3.0.101_0.21-0.7.12 - SUSE Linux Enterprise Server 11 SP3 (s390x) [New Version: 3.0.101]: kernel-default-man-3.0.101-0.21.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64) [New Version: 3.0.101]: kernel-ppc64-3.0.101-0.21.1 kernel-ppc64-base-3.0.101-0.21.1 kernel-ppc64-devel-3.0.101-0.21.1 - SUSE Linux Enterprise Server 11 SP3 (i586) [New Version: 3.0.101]: kernel-pae-3.0.101-0.21.1 kernel-pae-base-3.0.101-0.21.1 kernel-pae-devel-3.0.101-0.21.1 xen-kmp-pae-4.2.4_02_3.0.101_0.21-0.7.12 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.101_0.21-2.27.54 cluster-network-kmp-trace-1.4_3.0.101_0.21-2.27.54 gfs2-kmp-default-2_3.0.101_0.21-0.16.60 gfs2-kmp-trace-2_3.0.101_0.21-0.16.60 ocfs2-kmp-default-1.6_3.0.101_0.21-0.20.54 ocfs2-kmp-trace-1.6_3.0.101_0.21-0.20.54 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.101_0.21-2.27.54 gfs2-kmp-xen-2_3.0.101_0.21-0.16.60 ocfs2-kmp-xen-1.6_3.0.101_0.21-0.20.54 - SUSE Linux Enterprise High Availability Extension 11 SP3 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.101_0.21-2.27.54 gfs2-kmp-ppc64-2_3.0.101_0.21-0.16.60 ocfs2-kmp-ppc64-1.6_3.0.101_0.21-0.20.54 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586): cluster-network-kmp-pae-1.4_3.0.101_0.21-2.27.54 gfs2-kmp-pae-2_3.0.101_0.21-0.16.60 ocfs2-kmp-pae-1.6_3.0.101_0.21-0.20.54 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 3.0.101]: kernel-default-3.0.101-0.21.1 kernel-default-base-3.0.101-0.21.1 kernel-default-devel-3.0.101-0.21.1 kernel-default-extra-3.0.101-0.21.1 kernel-source-3.0.101-0.21.1 kernel-syms-3.0.101-0.21.1 kernel-trace-devel-3.0.101-0.21.1 kernel-xen-3.0.101-0.21.1 kernel-xen-base-3.0.101-0.21.1 kernel-xen-devel-3.0.101-0.21.1 kernel-xen-extra-3.0.101-0.21.1 xen-kmp-default-4.2.4_02_3.0.101_0.21-0.7.12 - SUSE Linux Enterprise Desktop 11 SP3 (i586) [New Version: 3.0.101]: kernel-pae-3.0.101-0.21.1 kernel-pae-base-3.0.101-0.21.1 kernel-pae-devel-3.0.101-0.21.1 kernel-pae-extra-3.0.101-0.21.1 xen-kmp-pae-4.2.4_02_3.0.101_0.21-0.7.12 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.101-0.21.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): kernel-xen-extra-3.0.101-0.21.1 - SLE 11 SERVER Unsupported Extras (ppc64): kernel-ppc64-extra-3.0.101-0.21.1 - SLE 11 SERVER Unsupported Extras (i586): kernel-pae-extra-3.0.101-0.21.1 References: http://support.novell.com/security/cve/CVE-2013-4470.html http://support.novell.com/security/cve/CVE-2013-6885.html http://support.novell.com/security/cve/CVE-2013-7263.html http://support.novell.com/security/cve/CVE-2013-7264.html http://support.novell.com/security/cve/CVE-2013-7265.html http://support.novell.com/security/cve/CVE-2014-0069.html https://bugzilla.novell.com/599263 https://bugzilla.novell.com/827670 https://bugzilla.novell.com/833968 https://bugzilla.novell.com/844513 https://bugzilla.novell.com/846790 https://bugzilla.novell.com/847672 https://bugzilla.novell.com/852488 https://bugzilla.novell.com/852967 https://bugzilla.novell.com/853162 https://bugzilla.novell.com/853166 https://bugzilla.novell.com/853455 https://bugzilla.novell.com/854025 https://bugzilla.novell.com/854445 https://bugzilla.novell.com/855825 https://bugzilla.novell.com/856848 https://bugzilla.novell.com/857358 https://bugzilla.novell.com/857643 https://bugzilla.novell.com/858604 https://bugzilla.novell.com/859225 https://bugzilla.novell.com/859342 https://bugzilla.novell.com/861093 https://bugzilla.novell.com/862796 https://bugzilla.novell.com/862957 https://bugzilla.novell.com/863178 https://bugzilla.novell.com/863526 https://bugzilla.novell.com/864025 https://bugzilla.novell.com/864058 https://bugzilla.novell.com/864833 https://bugzilla.novell.com/864880 https://bugzilla.novell.com/865342 https://bugzilla.novell.com/865783 https://bugzilla.novell.com/866253 https://bugzilla.novell.com/866428 https://bugzilla.novell.com/870801 http://download.suse.com/patch/finder/?keywords=16687a9fa96ac20af4faa8cdfc9… http://download.suse.com/patch/finder/?keywords=22dc1e8af18524473cafffecb4b… http://download.suse.com/patch/finder/?keywords=2386e6a1a3b32a7da85c7d674d4… http://download.suse.com/patch/finder/?keywords=3d3bd3e381acb377bb739c05c5a… http://download.suse.com/patch/finder/?keywords=54f3c63bee2dc088c0d6761885a… http://download.suse.com/patch/finder/?keywords=b4a3caafceac4ecd970b8cf2ee7… http://download.suse.com/patch/finder/?keywords=c09969470032946e130c305f40d… http://download.suse.com/patch/finder/?keywords=c62554b736bb29d4bea09917484… http://download.suse.com/patch/finder/?keywords=e622300e3c415568cc6d36c257c… http://download.suse.com/patch/finder/?keywords=e91b14a6ab1b56e7248783a199b… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2014:0529-1: important: Security update for strongswan
by opensuse-security＠opensuse.org 15 Apr '14

15 Apr '14

SUSE Security Update: Security update for strongswan ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0529-1 Rating: important References: #870572 Cross-References: CVE-2014-2338 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Server 10 SP4 LTSS SUSE Linux Enterprise Server 10 SP3 LTSS SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The following security issue is fixed by this update: * bnc#870572: strongswan has been updated to fix an authentication problem where attackers could have bypassed the IKEv2 authentication. (CVE-2014-2338) Security Issue reference: * CVE-2014-2338 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2338 > Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-strongswan-9089 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-strongswan-9089 - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-strongswan-9091 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-strongswan-9090 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-strongswan-9089 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): strongswan-4.4.0-6.23.1 strongswan-doc-4.4.0-6.23.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): strongswan-4.4.0-6.23.1 strongswan-doc-4.4.0-6.23.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64): strongswan-4.4.0-6.23.1 strongswan-doc-4.4.0-6.23.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 4.4.0]: strongswan-4.4.0-6.23.1 strongswan-doc-4.4.0-6.23.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64): strongswan-4.4.0-6.17.1 strongswan-doc-4.4.0-6.17.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): strongswan-4.1.10-0.20.1 strongswan-doc-4.1.10-0.20.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): strongswan-4.4.0-6.23.1 strongswan-doc-4.4.0-6.23.1 References: http://support.novell.com/security/cve/CVE-2014-2338.html https://bugzilla.novell.com/870572 http://download.suse.com/patch/finder/?keywords=2fa17d32e96a0a6e75cf09c3ee2… http://download.suse.com/patch/finder/?keywords=6934f5428f28e943d4b95fb8018… http://download.suse.com/patch/finder/?keywords=a056596e6640418d5e1521a74c8… http://download.suse.com/patch/finder/?keywords=bf28f278dcbe157650c32cbc447… http://download.suse.com/patch/finder/?keywords=fcda2d9564b781d675247b9a0b0… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2014:0510-1: important: Security update for puppet
by opensuse-security＠opensuse.org 10 Apr '14

10 Apr '14

SUSE Security Update: Security update for puppet ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0510-1 Rating: important References: #864082 Cross-References: CVE-2013-4761 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The deployment framework puppet received an update for a security issue in January. The backport of this security issue was however incomplete and broke existing setups. As the scope of the problem is limited to local scenarios where an attacker likely has access already, and backporting is not trivial, this update reverts the fix for now. We are evaluating the possibility of an update to puppet 2.7 in the future. Security Issue reference: * CVE-2013-4761 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761 > Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-puppet-9033 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-puppet-9033 - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-puppet-9034 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-puppet-9033 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): puppet-2.6.18-0.14.1 puppet-server-2.6.18-0.14.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): puppet-2.6.18-0.14.1 puppet-server-2.6.18-0.14.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64) [New Version: 2.6.18]: puppet-2.6.18-0.14.1 puppet-server-2.6.18-0.14.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): puppet-2.6.18-0.14.1 References: http://support.novell.com/security/cve/CVE-2013-4761.html https://bugzilla.novell.com/864082 http://download.suse.com/patch/finder/?keywords=24c2c59c4dad1805552510a5de5… http://download.suse.com/patch/finder/?keywords=a6a4981325dec6da4f36ae2016a… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2014:0501-1: important: chromium to 33.0.1750.152 stable release
by opensuse-security＠opensuse.org 09 Apr '14

09 Apr '14

openSUSE Security Update: chromium to 33.0.1750.152 stable release ______________________________________________________________________________ Announcement ID: openSUSE-SU-2014:0501-1 Rating: important References: #866959 Cross-References: CVE-2014-1700 CVE-2014-1701 CVE-2014-1702 CVE-2014-1703 CVE-2014-1704 CVE-2014-1705 CVE-2014-1713 CVE-2014-1714 CVE-2014-1715 Affected Products: openSUSE 13.1 openSUSE 12.3 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: Chromium was updated to the 33.0.1750.152 stable channel uodate: - Security fixes: * CVE-2014-1713: Use-after-free in Blink bindings * CVE-2014-1714: Windows clipboard vulnerability * CVE-2014-1705: Memory corruption in V8 * CVE-2014-1715: Directory traversal issue Previous stable channel update 33.0.1750.149: - Security fixes: * CVE-2014-1700: Use-after-free in speech * CVE-2014-1701: UXSS in events * CVE-2014-1702: Use-after-free in web database * CVE-2014-1703: Potential sandbox escape due to a use-after-free in web sockets * CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18 Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch openSUSE-2014-280 - openSUSE 12.3: zypper in -t patch openSUSE-2014-280 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (i586 x86_64): chromedriver-33.0.1750.152-25.2 chromedriver-debuginfo-33.0.1750.152-25.2 chromium-33.0.1750.152-25.2 chromium-debuginfo-33.0.1750.152-25.2 chromium-debugsource-33.0.1750.152-25.2 chromium-desktop-gnome-33.0.1750.152-25.2 chromium-desktop-kde-33.0.1750.152-25.2 chromium-ffmpegsumo-33.0.1750.152-25.2 chromium-ffmpegsumo-debuginfo-33.0.1750.152-25.2 chromium-suid-helper-33.0.1750.152-25.2 chromium-suid-helper-debuginfo-33.0.1750.152-25.2 - openSUSE 12.3 (i586 x86_64): chromedriver-33.0.1750.152-1.33.2 chromedriver-debuginfo-33.0.1750.152-1.33.2 chromium-33.0.1750.152-1.33.2 chromium-debuginfo-33.0.1750.152-1.33.2 chromium-debugsource-33.0.1750.152-1.33.2 chromium-desktop-gnome-33.0.1750.152-1.33.2 chromium-desktop-kde-33.0.1750.152-1.33.2 chromium-ffmpegsumo-33.0.1750.152-1.33.2 chromium-ffmpegsumo-debuginfo-33.0.1750.152-1.33.2 chromium-suid-helper-33.0.1750.152-1.33.2 chromium-suid-helper-debuginfo-33.0.1750.152-1.33.2 References: http://support.novell.com/security/cve/CVE-2014-1700.html http://support.novell.com/security/cve/CVE-2014-1701.html http://support.novell.com/security/cve/CVE-2014-1702.html http://support.novell.com/security/cve/CVE-2014-1703.html http://support.novell.com/security/cve/CVE-2014-1704.html http://support.novell.com/security/cve/CVE-2014-1705.html http://support.novell.com/security/cve/CVE-2014-1713.html http://support.novell.com/security/cve/CVE-2014-1714.html http://support.novell.com/security/cve/CVE-2014-1715.html https://bugzilla.novell.com/866959 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0