openSUSE Security Update: update for flash-player
______________________________________________________________________________
Announcement ID: openSUSE-SU-2014:0585-1
Rating: critical
References: #875577
Cross-References: CVE-2014-0515
Affected Products:
openSUSE 13.1:NonFree
openSUSE 12.3:NonFree
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This flash-player update fixes a critical buffer overflow
vulnerability that leads to arbitrary code execution.
The flash-player package was updated to version
11.2.202.356.
* bnc#875577, APSB14-13, CVE-2014-0515
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:NonFree:
zypper in -t patch openSUSE-2014-322
- openSUSE 12.3:NonFree:
zypper in -t patch openSUSE-2014-322
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.1:NonFree (i586 x86_64):
flash-player-11.2.202.356-46.1
flash-player-gnome-11.2.202.356-46.1
flash-player-kde4-11.2.202.356-46.1
- openSUSE 12.3:NonFree (i586 x86_64):
flash-player-11.2.202.356-2.72.1
flash-player-gnome-11.2.202.356-2.72.1
flash-player-kde4-11.2.202.356-2.72.1
References:
http://support.novell.com/security/cve/CVE-2014-0515.htmlhttps://bugzilla.novell.com/875577
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
SUSE Security Update: Security update for jakarta-commons-fileupload
______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0548-1
Rating: important
References: #862781
Cross-References: CVE-2014-0050
Affected Products:
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update fixes a security issue with
jakarta-commons-fileupload:
* bnc#862781: denial of service due to too-small buffer
size used (CVE-2014-0050)
Security Issue reference:
* CVE-2014-0050
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
>
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-jakarta-commons-fileupload-9087
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-jakarta-commons-fileupload-9087
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP3 for VMware (noarch):
jakarta-commons-fileupload-1.1.1-1.37.1
jakarta-commons-fileupload-javadoc-1.1.1-1.37.1
- SUSE Linux Enterprise Server 11 SP3 (noarch):
jakarta-commons-fileupload-1.1.1-1.37.1
jakarta-commons-fileupload-javadoc-1.1.1-1.37.1
References:
http://support.novell.com/security/cve/CVE-2014-0050.htmlhttps://bugzilla.novell.com/862781http://download.suse.com/patch/finder/?keywords=ba380f7e3fc44242f7f8d403bdc…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0537-1
Rating: important
References: #599263 #769035 #769644 #793727 #798050 #805114
#805740 #820434 #823618 #827670 #833968 #844513
#845378 #845621 #846654 #846790 #846984 #847672
#848055 #849364 #849855 #851603 #852153 #852488
#852967 #853052 #853162 #853166 #853455 #854025
#854445 #854516 #855825 #855885 #856848 #857358
#857643 #857919 #858534 #858604 #858831 #859225
#859342 #861093 #862796 #862957 #863178 #863526
#864025 #864058 #864833 #864880 #865342 #865783
#866253 #866428 #870801
Cross-References: CVE-2013-4470 CVE-2013-6368 CVE-2013-6885
CVE-2013-7263 CVE-2013-7264 CVE-2013-7265
CVE-2014-0069
Affected Products:
SUSE Linux Enterprise Real Time Extension 11 SP3
______________________________________________________________________________
An update that solves 7 vulnerabilities and has 50 fixes is
now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 Service Pack 3 RealTime
Extension kernel has been updated to fix various bugs and
security issues.
------------------------------------------------------------
------------ WARNING: If you are running KVM with PCI
pass-through on a system with one of the following Intel
chipsets: 5500 (revision 0x13), 5520 (revision 0x13) or
X58 (revisions 0x12, 0x13, 0x22), please make sure to read
the following support document before installing this
update: https://www.suse.com/support/kb/doc.php?id=7014344
<https://www.suse.com/support/kb/doc.php?id=7014344> You
will have to update your KVM setup to no longer make use
of PCI pass-through before rebooting to the updated
kernel.
------------------------------------------------------------
------------
The following security bugs have been fixed:
*
CVE-2013-4470: The Linux kernel before 3.12, when UDP
Fragmentation Offload (UFO) is enabled, does not properly
initialize certain data structures, which allows local
users to cause a denial of service (memory corruption and
system crash) or possibly gain privileges via a crafted
application that uses the UDP_CORK option in a setsockopt
system call and sends both short and long packets, related
to the ip_ufo_append_data function in net/ipv4/ip_output.c
and the ip6_ufo_append_data function in
net/ipv6/ip6_output.c. (bnc#847672)
*
CVE-2013-6368: The KVM subsystem in the Linux kernel
through 3.12.5 allows local users to gain privileges or
cause a denial of service (system crash) via a VAPIC
synchronization operation involving a page-end address.
(bnc#853052)
*
CVE-2013-6885: The microcode on AMD 16h 00h through
0Fh processors does not properly handle the interaction
between locked instructions and write-combined memory
types, which allows local users to cause a denial of
service (system hang) via a crafted application, aka the
errata 793 issue. (bnc#852967)
*
CVE-2013-7263: The Linux kernel before 3.12.4 updates
certain length values before ensuring that associated data
structures have been initialized, which allows local users
to obtain sensitive information from kernel stack memory
via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system
call, related to net/ipv4/ping.c, net/ipv4/raw.c,
net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.
(bnc#857643)
*
CVE-2013-7264: The l2tp_ip_recvmsg function in
net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4
updates a certain length value before ensuring that an
associated data structure has been initialized, which
allows local users to obtain sensitive information from
kernel stack memory via a (1) recvfrom, (2) recvmmsg, or
(3) recvmsg system call. (bnc#857643)
*
CVE-2013-7265: The pn_recvmsg function in
net/phonet/datagram.c in the Linux kernel before 3.12.4
updates a certain length value before ensuring that an
associated data structure has been initialized, which
allows local users to obtain sensitive information from
kernel stack memory via a (1) recvfrom, (2) recvmmsg, or
(3) recvmsg system call. (bnc#857643)
*
CVE-2014-0069: The cifs_iovec_write function in
fs/cifs/file.c in the Linux kernel through 3.13.5 does not
properly handle uncached write operations that copy fewer
than the requested number of bytes, which allows local
users to obtain sensitive information from kernel memory,
cause a denial of service (memory corruption and system
crash), or possibly gain privileges via a writev system
call with a crafted pointer. (bnc#864025)
Also the following non-security bugs have been fixed:
* sched/rt: Fix rqs cpupri leak while enqueue/dequeue
child RT entities.
* sched/rt: Use root_domain of rt_rq not current
processor (bnc#857919).
* kernel: oops due to linkage stack instructions
(bnc#862796, LTC#103860).
* kabi: protect symbols modified by bnc#864833 fix
(bnc#864833).
* kabi: protect bind_conflict callback in struct
inet_connection_sock_af_ops (bnc#823618).
* mm: mempolicy: fix mbind_range() && vma_adjust()
interaction (VM Functionality (bnc#866428)).
* mm: merging memory blocks resets mempolicy (VM
Functionality (bnc#866428)).
* mm/page-writeback.c: do not count anon pages as
dirtyable memory (High memory utilisation performance
(bnc#859225)).
* mm: vmscan: Do not force reclaim file pages until it
exceeds anon (High memory utilisation performance
(bnc#859225)).
* mm: vmscan: fix endless loop in kswapd balancing
(High memory utilisation performance (bnc#859225)).
* mm: vmscan: Update rotated and scanned when force
reclaimed (High memory utilisation performance
(bnc#859225)).
* mm: fix return type for functions nr_free_*_pages
kabi fixup (bnc#864058).
* mm: fix return type for functions nr_free_*_pages
(bnc#864058).
* mm: swap: Use swapfiles in priority order (Use swap
files in priority order (bnc#862957)).
* mm: exclude memory less nodes from zone_reclaim
(bnc#863526).
*
mm: reschedule to avoid RCU stall triggering during
boot of large machines (bnc#820434,bnc#852153).
*
arch/x86: Fix incorrect config symbol in #ifdef
(bnc#844513).
* arch/x86/mm/srat: Skip NUMA_NO_NODE while parsing
SLIT (bnc#863178).
* vmscan: change type of vm_total_pages to unsigned
long (bnc#864058).
* crypto: s390 - fix des and des3_ede ctr concurrency
issue (bnc#862796, LTC#103744).
* crypto: s390 - fix concurrency issue in aes-ctr mode
(bnc#862796, LTC#103742).
* X.509: Fix certificate gathering (bnc#805114).
* dump: Fix dump memory detection
(bnc#862796,LTC#103575).
* lockd: send correct lock when granting a delayed lock
(bnc#859342).
* nohz: Check for nohz active instead of nohz enabled
(bnc#846790).
* nohz: Fix another inconsistency between
CONFIG_NO_HZ=n and nohz=off (bnc#846790).
* futex: move user address verification up to common
code (bnc#851603).
* futexes: Clean up various details (bnc#851603).
* futexes: Increase hash table size for better
performance (bnc#851603).
* futexes: Document multiprocessor ordering guarantees
(bnc#851603).
* futexes: Avoid taking the hb->lock if there is
nothing to wake up (bnc#851603).
* efifb: prevent null-deref when iterating dmi_list
(bnc#848055).
* x86/PCI: reduce severity of host bridge window
conflict warnings (bnc#858534).
*
x86/dumpstack: Fix printk_address for direct
addresses (bnc#845621).
*
ipv6 routing, NLM_F_* flag support: REPLACE and EXCL
flags support, warn about missing CREATE flag (bnc#865783).
* ipv6: send router reachability probe if route has an
unreachable gateway (bnc#853162).
* inet: handle rt{,6}_bind_peer() failure correctly
(bnc#870801).
* inet: Avoid potential NULL peer dereference
(bnc#864833).
* inet: Hide route peer accesses behind helpers
(bnc#864833).
* inet: Pass inetpeer root into inet_getpeer*()
interfaces (bnc#864833).
* tcp: syncookies: reduce cookie lifetime to 128
seconds (bnc#833968).
* tcp: syncookies: reduce mss table to four values
(bnc#833968).
* tcp: bind() fix autoselection to share ports
(bnc#823618).
* tcp: bind() use stronger condition for bind_conflict
(bnc#823618).
* tcp: ipv6: bind() use stronger condition for
bind_conflict (bnc#823618).
* net: change type of virtio_chan->p9_max_pages
(bnc#864058).
* sctp: Implement quick failover draft from tsvwg
(bnc#827670).
* ipvs: fix AF assignment in ip_vs_conn_new()
(bnc#856848).
* net: Do not enable tx-nocache-copy by default
(bnc#845378).
* macvlan: introduce IFF_MACVLAN flag and helper
function (bnc#846984).
* macvlan: introduce macvlan_dev_real_dev() helper
function (bnc#846984).
*
macvlan: disable LRO on lower device instead of
macvlan (bnc#846984).
*
dlm: remove get_comm (bnc#827670).
* dlm: Avoid LVB truncation (bnc#827670).
* dlm: disable nagle for SCTP (bnc#827670).
* dlm: retry failed SCTP sends (bnc#827670).
* dlm: try other IPs when sctp init assoc fails
(bnc#827670).
* dlm: clear correct bit during sctp init failure
handling (bnc#827670).
* dlm: set sctp assoc id during setup (bnc#827670).
* dlm: clear correct init bit during sctp setup
(bnc#827670).
* dlm: fix deadlock between dlm_send and dlm_controld
(bnc#827670).
*
dlm: fix return value from lockspace_busy()
(bnc#827670).
*
NFSD/sunrpc: avoid deadlock on TCP connection due to
memory pressure (bnc#853455).
* ncpfs: fix rmdir returns Device or resource busy
(bnc#864880).
* btrfs: bugfix collection
* fs/fs-cache: Handle removal of unadded object to the
fscache_object_list rb tree (bnc#855885).
* fs/nfsd: change type of max_delegations,
nfsd_drc_max_mem and nfsd_drc_mem_used (bnc#864058).
* fs/nfs: Avoid occasional hang with NFS (bnc#852488).
*
fs/buffer.c: change type of max_buffer_heads to
unsigned long (bnc#864058).
*
dm-multipath: abort all requests when failing a path
(bnc#798050).
*
dm-multipath: Do not stall on invalid ioctls
(bnc#865342).
*
scsi: kABI fixes (bnc#798050).
* scsi: remove check for "resetting" (bnc#798050).
* scsi: Add "eh_deadline" to limit SCSI EH runtime
(bnc#798050).
* scsi: Allow error handling timeout to be specified
(bnc#798050).
* scsi: Fixup compilation warning (bnc#798050).
* scsi: Retry failfast commands after EH (bnc#798050).
* scsi: Warn on invalid command completion (bnc#798050).
* scsi: cleanup setting task state in
scsi_error_handler() (bnc#798050).
* scsi_dh_alua: fixup misplaced brace in
alua_initialize() (bnc#858831).
* scsi_dh_alua: fixup RTPG retry delay miscalculation
(bnc#854025).
* scsi_dh_alua: Simplify state machine (bnc#854025).
* scsi_dh_alua: endless STPG retries for a failed LUN
(bnc#865342).
*
scsi_dh_rdac: Add new IBM 1813 product id to rdac
devlist (bnc#846654).
*
xhci: Fix resume issues on Renesas chips in Samsung
laptops (bnc#866253).
* bonding: disallow enslaving a bond to itself
(bnc#599263).
* net/mlx4_en: Fix pages never dma unmapped on rx
(bnc#858604).
* USB: hub: handle -ETIMEDOUT during enumeration
(bnc#855825).
* powerpc: Add VDSO version of getcpu (fate#316816,
bnc#854445).
* privcmd: allow preempting long running user-mode
originating hypercalls (bnc#861093).
* audit: dynamically allocate audit_names when not
enough space is in the names array (bnc#857358).
* audit: make filetype matching consistent with other
filters (bnc#857358).
* mpt2sas: Fix unsafe using smp_processor_id() in
preemptible (bnc#853166).
* balloon: do not crash in HVM-with-PoD guests.
* hwmon: (coretemp) Fix truncated name of alarm
attributes.
* rtc-cmos: Add an alarm disable quirk (bnc#805740).
*
md: Change handling of save_raid_disk and metadata
update during recovery (bnc#849364).
*
s390: Avoid kabi change due to newly visible
structures.
*
s390/pci: remove PCI/MSI interruption class
(FATE#83037, LTC#94737).
*
advansys: Remove "last_reset" references (bnc#798050).
* dc395: Move "last_reset" into internal host structure
(bnc#798050).
* dpt_i2o: Remove DPTI_STATE_IOCTL (bnc#798050).
* dpt_i2o: return SCSI_MLQUEUE_HOST_BUSY when in reset
(bnc#798050).
* tmscsim: Move "last_reset" into host structure
(bnc#798050).
*
bnx2x: remove false warning regarding interrupt
number (bnc#769035).
*
block: factor out vector mergeable decision to a
helper function (bnc#769644).
*
block: modify __bio_add_page check to accept pages
that do not start a new segment (bnc#769644).
*
HID: multitouch: Add support for NextWindow 0340
touchscreen (bnc#849855).
* HID: multitouch: Add support for Qaunta 3027
touchscreen (bnc#854516).
* HID: multitouch: add support for Atmel 212c
touchscreen (bnc#793727).
* HID: multitouch: partial support of win8 devices
(bnc#854516,bnc#793727,bnc#849855).
* HID: hid-multitouch: add support for the IDEACOM 6650
chip (bnc#854516,bnc#793727,bnc#849855).
Security Issue references:
* CVE-2013-4470
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4470
>
* CVE-2013-6368
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6368
>
* CVE-2013-6885
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885
>
* CVE-2013-7263
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263
>
* CVE-2013-7264
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7264
>
* CVE-2013-7265
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7265
>
* CVE-2014-0069
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0069
>
Indications:
Everyone using the Real Time Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Real Time Extension 11 SP3:
zypper in -t patch slertesp3-kernel-9114
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Real Time Extension 11 SP3 (x86_64) [New Version: 3.0.101.rt130]:
cluster-network-kmp-rt-1.4_3.0.101_rt130_0.14-2.27.55
cluster-network-kmp-rt_trace-1.4_3.0.101_rt130_0.14-2.27.55
drbd-kmp-rt-8.4.4_3.0.101_rt130_0.14-0.22.21
drbd-kmp-rt_trace-8.4.4_3.0.101_rt130_0.14-0.22.21
iscsitarget-kmp-rt-1.4.20_3.0.101_rt130_0.14-0.38.40
iscsitarget-kmp-rt_trace-1.4.20_3.0.101_rt130_0.14-0.38.40
kernel-rt-3.0.101.rt130-0.14.1
kernel-rt-base-3.0.101.rt130-0.14.1
kernel-rt-devel-3.0.101.rt130-0.14.1
kernel-rt_trace-3.0.101.rt130-0.14.1
kernel-rt_trace-base-3.0.101.rt130-0.14.1
kernel-rt_trace-devel-3.0.101.rt130-0.14.1
kernel-source-rt-3.0.101.rt130-0.14.1
kernel-syms-rt-3.0.101.rt130-0.14.1
lttng-modules-kmp-rt-2.1.1_3.0.101_rt130_0.14-0.11.36
lttng-modules-kmp-rt_trace-2.1.1_3.0.101_rt130_0.14-0.11.36
ocfs2-kmp-rt-1.6_3.0.101_rt130_0.14-0.20.55
ocfs2-kmp-rt_trace-1.6_3.0.101_rt130_0.14-0.20.55
ofed-kmp-rt-1.5.4.1_3.0.101_rt130_0.14-0.13.46
ofed-kmp-rt_trace-1.5.4.1_3.0.101_rt130_0.14-0.13.46
References:
http://support.novell.com/security/cve/CVE-2013-4470.htmlhttp://support.novell.com/security/cve/CVE-2013-6368.htmlhttp://support.novell.com/security/cve/CVE-2013-6885.htmlhttp://support.novell.com/security/cve/CVE-2013-7263.htmlhttp://support.novell.com/security/cve/CVE-2013-7264.htmlhttp://support.novell.com/security/cve/CVE-2013-7265.htmlhttp://support.novell.com/security/cve/CVE-2014-0069.htmlhttps://bugzilla.novell.com/599263https://bugzilla.novell.com/769035https://bugzilla.novell.com/769644https://bugzilla.novell.com/793727https://bugzilla.novell.com/798050https://bugzilla.novell.com/805114https://bugzilla.novell.com/805740https://bugzilla.novell.com/820434https://bugzilla.novell.com/823618https://bugzilla.novell.com/827670https://bugzilla.novell.com/833968https://bugzilla.novell.com/844513https://bugzilla.novell.com/845378https://bugzilla.novell.com/845621https://bugzilla.novell.com/846654https://bugzilla.novell.com/846790https://bugzilla.novell.com/846984https://bugzilla.novell.com/847672https://bugzilla.novell.com/848055https://bugzilla.novell.com/849364https://bugzilla.novell.com/849855https://bugzilla.novell.com/851603https://bugzilla.novell.com/852153https://bugzilla.novell.com/852488https://bugzilla.novell.com/852967https://bugzilla.novell.com/853052https://bugzilla.novell.com/853162https://bugzilla.novell.com/853166https://bugzilla.novell.com/853455https://bugzilla.novell.com/854025https://bugzilla.novell.com/854445https://bugzilla.novell.com/854516https://bugzilla.novell.com/855825https://bugzilla.novell.com/855885https://bugzilla.novell.com/856848https://bugzilla.novell.com/857358https://bugzilla.novell.com/857643https://bugzilla.novell.com/857919https://bugzilla.novell.com/858534https://bugzilla.novell.com/858604https://bugzilla.novell.com/858831https://bugzilla.novell.com/859225https://bugzilla.novell.com/859342https://bugzilla.novell.com/861093https://bugzilla.novell.com/862796https://bugzilla.novell.com/862957https://bugzilla.novell.com/863178https://bugzilla.novell.com/863526https://bugzilla.novell.com/864025https://bugzilla.novell.com/864058https://bugzilla.novell.com/864833https://bugzilla.novell.com/864880https://bugzilla.novell.com/865342https://bugzilla.novell.com/865783https://bugzilla.novell.com/866253https://bugzilla.novell.com/866428https://bugzilla.novell.com/870801http://download.suse.com/patch/finder/?keywords=8d7793c0cc8432bc1d41b3b09ab…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0531-1
Rating: important
References: #599263 #827670 #833968 #844513 #846790 #847672
#852488 #852967 #853162 #853166 #853455 #854025
#854445 #855825 #856848 #857358 #857643 #858604
#859225 #859342 #861093 #862796 #862957 #863178
#863526 #864025 #864058 #864833 #864880 #865342
#865783 #866253 #866428 #870801
Cross-References: CVE-2013-4470 CVE-2013-6885 CVE-2013-7263
CVE-2013-7264 CVE-2013-7265 CVE-2014-0069
Affected Products:
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise High Availability Extension 11 SP3
SUSE Linux Enterprise Desktop 11 SP3
SLE 11 SERVER Unsupported Extras
______________________________________________________________________________
An update that solves 6 vulnerabilities and has 28 fixes is
now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 Service Pack 3 kernel has been
updated to fix various bugs and security issues.
------------------------------------------------------------
------------ WARNING: If you are running KVM with PCI
pass-through on a system with one of the following Intel
chipsets: 5500 (revision 0x13), 5520 (revision 0x13) or
X58 (revisions 0x12, 0x13, 0x22), please make sure to read
the following support document before installing this
update:
https://www.suse.com/support/kb/doc.php?id=7014344
<https://www.suse.com/support/kb/doc.php?id=7014344>
You will have to update your KVM setup to no longer make
use of PCI pass-through before rebooting to the updated
kernel.
------------------------------------------------------------
------------
The following security bugs have been fixed:
*
CVE-2013-4470: The Linux kernel before 3.12, when UDP
Fragmentation Offload (UFO) is enabled, does not properly
initialize certain data structures, which allows local
users to cause a denial of service (memory corruption and
system crash) or possibly gain privileges via a crafted
application that uses the UDP_CORK option in a setsockopt
system call and sends both short and long packets, related
to the ip_ufo_append_data function in net/ipv4/ip_output.c
and the ip6_ufo_append_data function in
net/ipv6/ip6_output.c. (bnc#847672)
*
CVE-2013-6885: The microcode on AMD 16h 00h through
0Fh processors does not properly handle the interaction
between locked instructions and write-combined memory
types, which allows local users to cause a denial of
service (system hang) via a crafted application, aka the
errata 793 issue. (bnc#852967)
*
CVE-2013-7263: The Linux kernel before 3.12.4 updates
certain length values before ensuring that associated data
structures have been initialized, which allows local users
to obtain sensitive information from kernel stack memory
via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system
call, related to net/ipv4/ping.c, net/ipv4/raw.c,
net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.
(bnc#857643)
*
CVE-2013-7264: The l2tp_ip_recvmsg function in
net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4
updates a certain length value before ensuring that an
associated data structure has been initialized, which
allows local users to obtain sensitive information from
kernel stack memory via a (1) recvfrom, (2) recvmmsg, or
(3) recvmsg system call. (bnc#857643)
*
CVE-2013-7265: The pn_recvmsg function in
net/phonet/datagram.c in the Linux kernel before 3.12.4
updates a certain length value before ensuring that an
associated data structure has been initialized, which
allows local users to obtain sensitive information from
kernel stack memory via a (1) recvfrom, (2) recvmmsg, or
(3) recvmsg system call. (bnc#857643)
*
CVE-2014-0069: The cifs_iovec_write function in
fs/cifs/file.c in the Linux kernel through 3.13.5 does not
properly handle uncached write operations that copy fewer
than the requested number of bytes, which allows local
users to obtain sensitive information from kernel memory,
cause a denial of service (memory corruption and system
crash), or possibly gain privileges via a writev system
call with a crafted pointer. (bnc#864025)
Also the following non-security bugs have been fixed:
* kabi: protect symbols modified by bnc#864833 fix
(bnc#864833).
* mm: mempolicy: fix mbind_range() && vma_adjust()
interaction (VM Functionality (bnc#866428)).
* mm: merging memory blocks resets mempolicy (VM
Functionality (bnc#866428)).
* mm/page-writeback.c: do not count anon pages as
dirtyable memory (High memory utilisation performance
(bnc#859225)).
* mm: vmscan: Do not force reclaim file pages until it
exceeds anon (High memory utilisation performance
(bnc#859225)).
* mm: vmscan: fix endless loop in kswapd balancing
(High memory utilisation performance (bnc#859225)).
* mm: vmscan: Update rotated and scanned when force
reclaimed (High memory utilisation performance
(bnc#859225)).
* mm: exclude memory less nodes from zone_reclaim
(bnc#863526).
* mm: fix return type for functions nr_free_*_pages
kabi fixup (bnc#864058).
* mm: fix return type for functions nr_free_*_pages
(bnc#864058).
* mm: swap: Use swapfiles in priority order (Use swap
files in priority order (bnc#862957)).
* x86: Save cr2 in NMI in case NMIs take a page fault
(follow-up for
patches.fixes/x86-Add-workaround-to-NMI-iret-woes.patch).
* powerpc: Add VDSO version of getcpu (fate#316816,
bnc#854445).
* vmscan: change type of vm_total_pages to unsigned
long (bnc#864058).
* audit: dynamically allocate audit_names when not
enough space is in the names array (bnc#857358).
* audit: make filetype matching consistent with other
filters (bnc#857358).
* arch/x86/mm/srat: Skip NUMA_NO_NODE while parsing
SLIT (bnc#863178).
* hwmon: (coretemp) Fix truncated name of alarm
attributes.
* privcmd: allow preempting long running user-mode
originating hypercalls (bnc#861093).
* nohz: Check for nohz active instead of nohz enabled
(bnc#846790).
* nohz: Fix another inconsistency between
CONFIG_NO_HZ=n and nohz=off (bnc#846790).
* iommu/vt-d: add quirk for broken interrupt remapping
on 55XX chipsets (bnc#844513)
*
balloon: do not crash in HVM-with-PoD guests.
*
crypto: s390 - fix des and des3_ede ctr concurrency
issue (bnc#862796, LTC#103744).
* crypto: s390 - fix des and des3_ede cbc concurrency
issue (bnc#862796, LTC#103743).
* kernel: oops due to linkage stack instructions
(bnc#862796, LTC#103860).
* crypto: s390 - fix concurrency issue in aes-ctr mode
(bnc#862796, LTC#103742).
*
dump: Fix dump memory detection
(bnc#862796,LTC#103575).
*
net: change type of virtio_chan->p9_max_pages
(bnc#864058).
* inet: handle rt{,6}_bind_peer() failure correctly
(bnc#870801).
* inet: Avoid potential NULL peer dereference
(bnc#864833).
* inet: Hide route peer accesses behind helpers
(bnc#864833).
* inet: Pass inetpeer root into inet_getpeer*()
interfaces (bnc#864833).
* tcp: syncookies: reduce cookie lifetime to 128
seconds (bnc#833968).
* tcp: syncookies: reduce mss table to four values
(bnc#833968).
* ipv6 routing, NLM_F_* flag support: REPLACE and EXCL
flags support, warn about missing CREATE flag (bnc#865783).
* ipv6: send router reachability probe if route has an
unreachable gateway (bnc#853162).
* sctp: Implement quick failover draft from tsvwg
(bnc#827670).
*
ipvs: fix AF assignment in ip_vs_conn_new()
(bnc#856848).
*
NFSD/sunrpc: avoid deadlock on TCP connection due to
memory pressure (bnc#853455).
* btrfs: bugfix collection
* fs/nfsd: change type of max_delegations,
nfsd_drc_max_mem and nfsd_drc_mem_used (bnc#864058).
* fs/buffer.c: change type of max_buffer_heads to
unsigned long (bnc#864058).
*
ncpfs: fix rmdir returns Device or resource busy
(bnc#864880).
*
scsi_dh_alua: fixup RTPG retry delay miscalculation
(bnc#854025).
* scsi_dh_alua: Simplify state machine (bnc#854025).
* xhci: Fix resume issues on Renesas chips in Samsung
laptops (bnc#866253).
* bonding: disallow enslaving a bond to itself
(bnc#599263).
* USB: hub: handle -ETIMEDOUT during enumeration
(bnc#855825).
* dm-multipath: Do not stall on invalid ioctls
(bnc#865342).
* scsi_dh_alua: endless STPG retries for a failed LUN
(bnc#865342).
* net/mlx4_en: Fix pages never dma unmapped on rx
(bnc#858604).
* dlm: remove get_comm (bnc#827670).
* dlm: Avoid LVB truncation (bnc#827670).
* dlm: disable nagle for SCTP (bnc#827670).
* dlm: retry failed SCTP sends (bnc#827670).
* dlm: try other IPs when sctp init assoc fails
(bnc#827670).
* dlm: clear correct bit during sctp init failure
handling (bnc#827670).
* dlm: set sctp assoc id during setup (bnc#827670).
* dlm: clear correct init bit during sctp setup
(bnc#827670).
* dlm: fix deadlock between dlm_send and dlm_controld
(bnc#827670).
* dlm: Fix return value from lockspace_busy()
(bnc#827670).
* Avoid occasional hang with NFS (bnc#852488).
* mpt2sas: Fix unsafe using smp_processor_id() in
preemptible (bnc#853166).
* lockd: send correct lock when granting a delayed lock
(bnc#859342).
Security Issue references:
* CVE-2013-4470
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4470
>
* CVE-2013-6885
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885
>
* CVE-2013-7263
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263
>
* CVE-2013-7264
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7264
>
* CVE-2013-7265
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7265
>
* CVE-2014-0069
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0069
>
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-kernel-9102 slessp3-kernel-9105
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-kernel-9102 slessp3-kernel-9103 slessp3-kernel-9104 slessp3-kernel-9105 slessp3-kernel-9113
- SUSE Linux Enterprise High Availability Extension 11 SP3:
zypper in -t patch slehasp3-kernel-9102 slehasp3-kernel-9103 slehasp3-kernel-9104 slehasp3-kernel-9105 slehasp3-kernel-9113
- SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-kernel-9102 sledsp3-kernel-9105
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.21.1
kernel-default-base-3.0.101-0.21.1
kernel-default-devel-3.0.101-0.21.1
kernel-source-3.0.101-0.21.1
kernel-syms-3.0.101-0.21.1
kernel-trace-3.0.101-0.21.1
kernel-trace-base-3.0.101-0.21.1
kernel-trace-devel-3.0.101-0.21.1
kernel-xen-devel-3.0.101-0.21.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.21.1
kernel-pae-base-3.0.101-0.21.1
kernel-pae-devel-3.0.101-0.21.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.21.1
kernel-default-base-3.0.101-0.21.1
kernel-default-devel-3.0.101-0.21.1
kernel-source-3.0.101-0.21.1
kernel-syms-3.0.101-0.21.1
kernel-trace-3.0.101-0.21.1
kernel-trace-base-3.0.101-0.21.1
kernel-trace-devel-3.0.101-0.21.1
- SUSE Linux Enterprise Server 11 SP3 (i586 x86_64) [New Version: 3.0.101]:
kernel-ec2-3.0.101-0.21.1
kernel-ec2-base-3.0.101-0.21.1
kernel-ec2-devel-3.0.101-0.21.1
kernel-xen-3.0.101-0.21.1
kernel-xen-base-3.0.101-0.21.1
kernel-xen-devel-3.0.101-0.21.1
xen-kmp-default-4.2.4_02_3.0.101_0.21-0.7.12
- SUSE Linux Enterprise Server 11 SP3 (s390x) [New Version: 3.0.101]:
kernel-default-man-3.0.101-0.21.1
- SUSE Linux Enterprise Server 11 SP3 (ppc64) [New Version: 3.0.101]:
kernel-ppc64-3.0.101-0.21.1
kernel-ppc64-base-3.0.101-0.21.1
kernel-ppc64-devel-3.0.101-0.21.1
- SUSE Linux Enterprise Server 11 SP3 (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.21.1
kernel-pae-base-3.0.101-0.21.1
kernel-pae-devel-3.0.101-0.21.1
xen-kmp-pae-4.2.4_02_3.0.101_0.21-0.7.12
- SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64):
cluster-network-kmp-default-1.4_3.0.101_0.21-2.27.54
cluster-network-kmp-trace-1.4_3.0.101_0.21-2.27.54
gfs2-kmp-default-2_3.0.101_0.21-0.16.60
gfs2-kmp-trace-2_3.0.101_0.21-0.16.60
ocfs2-kmp-default-1.6_3.0.101_0.21-0.20.54
ocfs2-kmp-trace-1.6_3.0.101_0.21-0.20.54
- SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 x86_64):
cluster-network-kmp-xen-1.4_3.0.101_0.21-2.27.54
gfs2-kmp-xen-2_3.0.101_0.21-0.16.60
ocfs2-kmp-xen-1.6_3.0.101_0.21-0.20.54
- SUSE Linux Enterprise High Availability Extension 11 SP3 (ppc64):
cluster-network-kmp-ppc64-1.4_3.0.101_0.21-2.27.54
gfs2-kmp-ppc64-2_3.0.101_0.21-0.16.60
ocfs2-kmp-ppc64-1.6_3.0.101_0.21-0.20.54
- SUSE Linux Enterprise High Availability Extension 11 SP3 (i586):
cluster-network-kmp-pae-1.4_3.0.101_0.21-2.27.54
gfs2-kmp-pae-2_3.0.101_0.21-0.16.60
ocfs2-kmp-pae-1.6_3.0.101_0.21-0.20.54
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.21.1
kernel-default-base-3.0.101-0.21.1
kernel-default-devel-3.0.101-0.21.1
kernel-default-extra-3.0.101-0.21.1
kernel-source-3.0.101-0.21.1
kernel-syms-3.0.101-0.21.1
kernel-trace-devel-3.0.101-0.21.1
kernel-xen-3.0.101-0.21.1
kernel-xen-base-3.0.101-0.21.1
kernel-xen-devel-3.0.101-0.21.1
kernel-xen-extra-3.0.101-0.21.1
xen-kmp-default-4.2.4_02_3.0.101_0.21-0.7.12
- SUSE Linux Enterprise Desktop 11 SP3 (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.21.1
kernel-pae-base-3.0.101-0.21.1
kernel-pae-devel-3.0.101-0.21.1
kernel-pae-extra-3.0.101-0.21.1
xen-kmp-pae-4.2.4_02_3.0.101_0.21-0.7.12
- SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):
kernel-default-extra-3.0.101-0.21.1
- SLE 11 SERVER Unsupported Extras (i586 x86_64):
kernel-xen-extra-3.0.101-0.21.1
- SLE 11 SERVER Unsupported Extras (ppc64):
kernel-ppc64-extra-3.0.101-0.21.1
- SLE 11 SERVER Unsupported Extras (i586):
kernel-pae-extra-3.0.101-0.21.1
References:
http://support.novell.com/security/cve/CVE-2013-4470.htmlhttp://support.novell.com/security/cve/CVE-2013-6885.htmlhttp://support.novell.com/security/cve/CVE-2013-7263.htmlhttp://support.novell.com/security/cve/CVE-2013-7264.htmlhttp://support.novell.com/security/cve/CVE-2013-7265.htmlhttp://support.novell.com/security/cve/CVE-2014-0069.htmlhttps://bugzilla.novell.com/599263https://bugzilla.novell.com/827670https://bugzilla.novell.com/833968https://bugzilla.novell.com/844513https://bugzilla.novell.com/846790https://bugzilla.novell.com/847672https://bugzilla.novell.com/852488https://bugzilla.novell.com/852967https://bugzilla.novell.com/853162https://bugzilla.novell.com/853166https://bugzilla.novell.com/853455https://bugzilla.novell.com/854025https://bugzilla.novell.com/854445https://bugzilla.novell.com/855825https://bugzilla.novell.com/856848https://bugzilla.novell.com/857358https://bugzilla.novell.com/857643https://bugzilla.novell.com/858604https://bugzilla.novell.com/859225https://bugzilla.novell.com/859342https://bugzilla.novell.com/861093https://bugzilla.novell.com/862796https://bugzilla.novell.com/862957https://bugzilla.novell.com/863178https://bugzilla.novell.com/863526https://bugzilla.novell.com/864025https://bugzilla.novell.com/864058https://bugzilla.novell.com/864833https://bugzilla.novell.com/864880https://bugzilla.novell.com/865342https://bugzilla.novell.com/865783https://bugzilla.novell.com/866253https://bugzilla.novell.com/866428https://bugzilla.novell.com/870801http://download.suse.com/patch/finder/?keywords=16687a9fa96ac20af4faa8cdfc9…http://download.suse.com/patch/finder/?keywords=22dc1e8af18524473cafffecb4b…http://download.suse.com/patch/finder/?keywords=2386e6a1a3b32a7da85c7d674d4…http://download.suse.com/patch/finder/?keywords=3d3bd3e381acb377bb739c05c5a…http://download.suse.com/patch/finder/?keywords=54f3c63bee2dc088c0d6761885a…http://download.suse.com/patch/finder/?keywords=b4a3caafceac4ecd970b8cf2ee7…http://download.suse.com/patch/finder/?keywords=c09969470032946e130c305f40d…http://download.suse.com/patch/finder/?keywords=c62554b736bb29d4bea09917484…http://download.suse.com/patch/finder/?keywords=e622300e3c415568cc6d36c257c…http://download.suse.com/patch/finder/?keywords=e91b14a6ab1b56e7248783a199b…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
SUSE Security Update: Security update for strongswan
______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0529-1
Rating: important
References: #870572
Cross-References: CVE-2014-2338
Affected Products:
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP2 LTSS
SUSE Linux Enterprise Server 11 SP1 LTSS
SUSE Linux Enterprise Server 10 SP4 LTSS
SUSE Linux Enterprise Server 10 SP3 LTSS
SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available. It
includes one version update.
Description:
The following security issue is fixed by this update:
* bnc#870572: strongswan has been updated to fix an
authentication problem where attackers could have bypassed
the IKEv2 authentication. (CVE-2014-2338)
Security Issue reference:
* CVE-2014-2338
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2338
>
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-strongswan-9089
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-strongswan-9089
- SUSE Linux Enterprise Server 11 SP2 LTSS:
zypper in -t patch slessp2-strongswan-9091
- SUSE Linux Enterprise Server 11 SP1 LTSS:
zypper in -t patch slessp1-strongswan-9090
- SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-strongswan-9089
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
strongswan-4.4.0-6.23.1
strongswan-doc-4.4.0-6.23.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):
strongswan-4.4.0-6.23.1
strongswan-doc-4.4.0-6.23.1
- SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64):
strongswan-4.4.0-6.23.1
strongswan-doc-4.4.0-6.23.1
- SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 4.4.0]:
strongswan-4.4.0-6.23.1
strongswan-doc-4.4.0-6.23.1
- SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64):
strongswan-4.4.0-6.17.1
strongswan-doc-4.4.0-6.17.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):
strongswan-4.1.10-0.20.1
strongswan-doc-4.1.10-0.20.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):
strongswan-4.4.0-6.23.1
strongswan-doc-4.4.0-6.23.1
References:
http://support.novell.com/security/cve/CVE-2014-2338.htmlhttps://bugzilla.novell.com/870572http://download.suse.com/patch/finder/?keywords=2fa17d32e96a0a6e75cf09c3ee2…http://download.suse.com/patch/finder/?keywords=6934f5428f28e943d4b95fb8018…http://download.suse.com/patch/finder/?keywords=a056596e6640418d5e1521a74c8…http://download.suse.com/patch/finder/?keywords=bf28f278dcbe157650c32cbc447…http://download.suse.com/patch/finder/?keywords=fcda2d9564b781d675247b9a0b0…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
SUSE Security Update: Security update for puppet
______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0510-1
Rating: important
References: #864082
Cross-References: CVE-2013-4761
Affected Products:
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP2 LTSS
SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available. It
includes one version update.
Description:
The deployment framework puppet received an update for a
security issue in January.
The backport of this security issue was however incomplete
and broke existing setups. As the scope of the problem is
limited to local scenarios where an attacker likely has
access already, and backporting is not trivial, this
update reverts the fix for now.
We are evaluating the possibility of an update to puppet
2.7 in the future.
Security Issue reference:
* CVE-2013-4761
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
>
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-puppet-9033
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-puppet-9033
- SUSE Linux Enterprise Server 11 SP2 LTSS:
zypper in -t patch slessp2-puppet-9034
- SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-puppet-9033
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
puppet-2.6.18-0.14.1
puppet-server-2.6.18-0.14.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):
puppet-2.6.18-0.14.1
puppet-server-2.6.18-0.14.1
- SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64) [New Version: 2.6.18]:
puppet-2.6.18-0.14.1
puppet-server-2.6.18-0.14.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):
puppet-2.6.18-0.14.1
References:
http://support.novell.com/security/cve/CVE-2013-4761.htmlhttps://bugzilla.novell.com/864082http://download.suse.com/patch/finder/?keywords=24c2c59c4dad1805552510a5de5…http://download.suse.com/patch/finder/?keywords=a6a4981325dec6da4f36ae2016a…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org