August 2014 - openSUSE Security Announce

[security-announce] SUSE-SU-2014:0961-1: important: Security update for openjdk
by opensuse-security＠opensuse.org 04 Aug '14

04 Aug '14

SUSE Security Update: Security update for openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0961-1 Rating: important References: #887530 Cross-References: CVE-2014-2483 CVE-2014-2490 CVE-2014-4208 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220 CVE-2014-4221 CVE-2014-4223 CVE-2014-4227 CVE-2014-4244 CVE-2014-4247 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4265 CVE-2014-4266 CVE-2014-4268 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 20 vulnerabilities is now available. It includes one version update. Description: This Critical Patch Update contains 20 new security fixes for Oracle Java SE. All of these vulnerabilities could have been remotely exploitable without authentication, i.e., could be exploited over a network without the need for a username and password. Security Issues: * CVE-2014-4227 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227> * CVE-2014-4219 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219> * CVE-2014-2490 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490> * CVE-2014-4216 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216> * CVE-2014-4247 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247> * CVE-2014-2483 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2483> * CVE-2014-4223 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223> * CVE-2014-4262 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262> * CVE-2014-4209 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209> * CVE-2014-4265 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4265> * CVE-2014-4220 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220> * CVE-2014-4218 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218> * CVE-2014-4252 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252> * CVE-2014-4266 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266> * CVE-2014-4268 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268> * CVE-2014-4264 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264> * CVE-2014-4221 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221> * CVE-2014-4244 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244> * CVE-2014-4263 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263> * CVE-2014-4208 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208> Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-java-1_7_0-openjdk-9543 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.7.0.65]: java-1_7_0-openjdk-1.7.0.65-0.7.4 java-1_7_0-openjdk-demo-1.7.0.65-0.7.4 java-1_7_0-openjdk-devel-1.7.0.65-0.7.4 References: http://support.novell.com/security/cve/CVE-2014-2483.html http://support.novell.com/security/cve/CVE-2014-2490.html http://support.novell.com/security/cve/CVE-2014-4208.html http://support.novell.com/security/cve/CVE-2014-4209.html http://support.novell.com/security/cve/CVE-2014-4216.html http://support.novell.com/security/cve/CVE-2014-4218.html http://support.novell.com/security/cve/CVE-2014-4219.html http://support.novell.com/security/cve/CVE-2014-4220.html http://support.novell.com/security/cve/CVE-2014-4221.html http://support.novell.com/security/cve/CVE-2014-4223.html http://support.novell.com/security/cve/CVE-2014-4227.html http://support.novell.com/security/cve/CVE-2014-4244.html http://support.novell.com/security/cve/CVE-2014-4247.html http://support.novell.com/security/cve/CVE-2014-4252.html http://support.novell.com/security/cve/CVE-2014-4262.html http://support.novell.com/security/cve/CVE-2014-4263.html http://support.novell.com/security/cve/CVE-2014-4264.html http://support.novell.com/security/cve/CVE-2014-4265.html http://support.novell.com/security/cve/CVE-2014-4266.html http://support.novell.com/security/cve/CVE-2014-4268.html https://bugzilla.novell.com/887530 http://download.suse.com/patch/finder/?keywords=74138caa13d284bb5cbd73e4f76… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2014:0960-1: important: Security update for Mozilla Firefox
by opensuse-security＠opensuse.org 01 Aug '14

01 Aug '14

SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0960-1 Rating: important References: #887746 Cross-References: CVE-2014-1544 CVE-2014-1547 CVE-2014-1548 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Server 10 SP4 LTSS SUSE Linux Enterprise Server 10 SP3 LTSS SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. It includes two new package versions. Description: Mozilla Firefox has been updated to the 24.7ESR security release. Security issues fixed in this release: * CVE-2014-1544 - https://www.mozilla.org/security/announce/2014/mfsa2014-63.html <https://www.mozilla.org/security/announce/2014/mfsa2014-63.html> * CVE-2014-1548 - https://www.mozilla.org/security/announce/2014/mfsa2014-56.html <https://www.mozilla.org/security/announce/2014/mfsa2014-56.html> * CVE-2014-1549 - https://www.mozilla.org/security/announce/2014/mfsa2014-57.html <https://www.mozilla.org/security/announce/2014/mfsa2014-57.html> * CVE-2014-1550 - https://www.mozilla.org/security/announce/2014/mfsa2014-58.html <https://www.mozilla.org/security/announce/2014/mfsa2014-58.html> * CVE-2014-1551 - https://www.mozilla.org/security/announce/2014/mfsa2014-59.html <https://www.mozilla.org/security/announce/2014/mfsa2014-59.html> * CVE-2014-1552 - https://www.mozilla.org/security/announce/2014/mfsa2014-66.html <https://www.mozilla.org/security/announce/2014/mfsa2014-66.html> * CVE-2014-1555 - https://www.mozilla.org/security/announce/2014/mfsa2014-61.html <https://www.mozilla.org/security/announce/2014/mfsa2014-61.html> * CVE-2014-1556 - https://www.mozilla.org/security/announce/2014/mfsa2014-62.html <https://www.mozilla.org/security/announce/2014/mfsa2014-62.html> * CVE-2014-1557 - https://www.mozilla.org/security/announce/2014/mfsa2014-64.html <https://www.mozilla.org/security/announce/2014/mfsa2014-64.html> * CVE-2014-1558, CVE-2014-1559, CVE-2014-1560 - https://www.mozilla.org/security/announce/2014/mfsa2014-65.html <https://www.mozilla.org/security/announce/2014/mfsa2014-65.html> * CVE-2014-1561 - https://www.mozilla.org/security/announce/2014/mfsa2014-60.html <https://www.mozilla.org/security/announce/2014/mfsa2014-60.html> Security Issues: * CVE-2014-1557 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557> * CVE-2014-1547 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547> * CVE-2014-1548 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548> * CVE-2014-1556 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556> * CVE-2014-1544 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544> * CVE-2014-1555 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555> Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-firefox-201407-9569 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-firefox-201407-9569 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-firefox-201407-9569 - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-firefox-201407-9555 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-firefox-201407-9554 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-firefox-201407-9569 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.16.2]: MozillaFirefox-devel-24.7.0esr-0.8.2 mozilla-nss-devel-3.16.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 24.7.0esr and 3.16.2]: MozillaFirefox-24.7.0esr-0.8.2 MozillaFirefox-translations-24.7.0esr-0.8.2 libfreebl3-3.16.2-0.8.1 libsoftokn3-3.16.2-0.8.1 mozilla-nss-3.16.2-0.8.1 mozilla-nss-tools-3.16.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 3.16.2]: libfreebl3-32bit-3.16.2-0.8.1 libsoftokn3-32bit-3.16.2-0.8.1 mozilla-nss-32bit-3.16.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 24.7.0esr and 3.16.2]: MozillaFirefox-24.7.0esr-0.8.2 MozillaFirefox-translations-24.7.0esr-0.8.2 libfreebl3-3.16.2-0.8.1 libsoftokn3-3.16.2-0.8.1 mozilla-nss-3.16.2-0.8.1 mozilla-nss-tools-3.16.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 3.16.2]: libfreebl3-32bit-3.16.2-0.8.1 libsoftokn3-32bit-3.16.2-0.8.1 mozilla-nss-32bit-3.16.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 3.16.2]: libfreebl3-x86-3.16.2-0.8.1 libsoftokn3-x86-3.16.2-0.8.1 mozilla-nss-x86-3.16.2-0.8.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64) [New Version: 24.7.0esr and 3.16.2]: MozillaFirefox-24.7.0esr-0.3.1 MozillaFirefox-translations-24.7.0esr-0.3.1 libfreebl3-3.16.2-0.3.1 mozilla-nss-3.16.2-0.3.1 mozilla-nss-devel-3.16.2-0.3.1 mozilla-nss-tools-3.16.2-0.3.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (s390x x86_64) [New Version: 3.16.2]: libfreebl3-32bit-3.16.2-0.3.1 mozilla-nss-32bit-3.16.2-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 24.7.0esr and 3.16.2]: MozillaFirefox-24.7.0esr-0.3.1 MozillaFirefox-translations-24.7.0esr-0.3.1 libfreebl3-3.16.2-0.3.1 mozilla-nss-3.16.2-0.3.1 mozilla-nss-tools-3.16.2-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64) [New Version: 3.16.2]: libfreebl3-32bit-3.16.2-0.3.1 mozilla-nss-32bit-3.16.2-0.3.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64) [New Version: 3.16.2]: mozilla-nss-3.16.2-0.5.1 mozilla-nss-devel-3.16.2-0.5.1 mozilla-nss-tools-3.16.2-0.5.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64) [New Version: 3.16.2]: mozilla-nss-32bit-3.16.2-0.5.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x): MozillaFirefox-24.7.0esr-0.5.1 MozillaFirefox-translations-24.7.0esr-0.5.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64) [New Version: 3.16.2]: mozilla-nss-3.16.2-0.5.1 mozilla-nss-devel-3.16.2-0.5.1 mozilla-nss-tools-3.16.2-0.5.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64) [New Version: 3.16.2]: mozilla-nss-32bit-3.16.2-0.5.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x): MozillaFirefox-24.7.0esr-0.5.1 MozillaFirefox-translations-24.7.0esr-0.5.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 24.7.0esr and 3.16.2]: MozillaFirefox-24.7.0esr-0.8.2 MozillaFirefox-translations-24.7.0esr-0.8.2 libfreebl3-3.16.2-0.8.1 libsoftokn3-3.16.2-0.8.1 mozilla-nss-3.16.2-0.8.1 mozilla-nss-tools-3.16.2-0.8.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 3.16.2]: libfreebl3-32bit-3.16.2-0.8.1 libsoftokn3-32bit-3.16.2-0.8.1 mozilla-nss-32bit-3.16.2-0.8.1 References: http://support.novell.com/security/cve/CVE-2014-1544.html http://support.novell.com/security/cve/CVE-2014-1547.html http://support.novell.com/security/cve/CVE-2014-1548.html http://support.novell.com/security/cve/CVE-2014-1555.html http://support.novell.com/security/cve/CVE-2014-1556.html http://support.novell.com/security/cve/CVE-2014-1557.html https://bugzilla.novell.com/887746 http://download.suse.com/patch/finder/?keywords=196914b4be33c9d122303fc5b0d… http://download.suse.com/patch/finder/?keywords=2d6344b3abcf62e1e68e8c9dda3… http://download.suse.com/patch/finder/?keywords=a771192da5dca3c7e01bde7b62b… http://download.suse.com/patch/finder/?keywords=aeabea2b6efdbb9fcccb116e660… http://download.suse.com/patch/finder/?keywords=f2f8ae117761a6715e1f6766fd3… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2014:0957-1: important: kernel: security and bugfix update
by opensuse-security＠opensuse.org 01 Aug '14

01 Aug '14

openSUSE Security Update: kernel: security and bugfix update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2014:0957-1 Rating: important References: #788080 #867531 #867723 #877257 #880484 #882189 #883518 #883724 #883795 #885422 #885725 Cross-References: CVE-2014-0131 CVE-2014-2309 CVE-2014-3144 CVE-2014-3145 CVE-2014-3917 CVE-2014-4014 CVE-2014-4171 CVE-2014-4508 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4667 CVE-2014-4699 Affected Products: openSUSE 12.3 ______________________________________________________________________________ An update that fixes 15 vulnerabilities is now available. Description: The Linux Kernel was updated to fix various bugs and security issues. CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls. CVE-2014-4667: The sctp_association_free function in net/sctp/associola.c in the Linux kernel did not properly manage a certain backlog value, which allowed remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet. CVE-2014-4171: mm/shmem.c in the Linux kernel did not properly implement the interaction between range notification and hole punching, which allowed local users to cause a denial of service (i_mutex hold) by using the mmap system call to access a hole, as demonstrated by interfering with intended shmem activity by blocking completion of (1) an MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call. CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allowed local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000. CVE-2014-4656: Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel allowed local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function. CVE-2014-4655: The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel did not properly maintain the user_ctl_count value, which allowed local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls. CVE-2014-4654: The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel did not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allowed local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call. CVE-2014-4653: sound/core/control.c in the ALSA control implementation in the Linux kernel did not ensure possession of a read/write lock, which allowed local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. CVE-2014-4652: Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel allowed local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. CVE-2014-4014: The capabilities implementation in the Linux kernel did not properly consider that namespaces are inapplicable to inodes, which allowed local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root. CVE-2014-2309: The ip6_route_add function in net/ipv6/route.c in the Linux kernel did not properly count the addition of routes, which allowed remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets. CVE-2014-3917: kernel/auditsc.c in the Linux kernel, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allowed local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. CVE-2014-0131: Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel allowed attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel did not check whether a certain length value is sufficiently large, which allowed local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel used the reverse order in a certain subtraction, which allowed local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced. Additional Bug fixed: - HID: logitech-dj: Fix USB 3.0 issue (bnc#788080). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 12.3: zypper in -t patch openSUSE-2014-478 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 12.3 (i586 x86_64): kernel-default-3.7.10-1.40.1 kernel-default-base-3.7.10-1.40.1 kernel-default-base-debuginfo-3.7.10-1.40.1 kernel-default-debuginfo-3.7.10-1.40.1 kernel-default-debugsource-3.7.10-1.40.1 kernel-default-devel-3.7.10-1.40.1 kernel-default-devel-debuginfo-3.7.10-1.40.1 kernel-syms-3.7.10-1.40.1 - openSUSE 12.3 (i686 x86_64): kernel-debug-3.7.10-1.40.1 kernel-debug-base-3.7.10-1.40.1 kernel-debug-base-debuginfo-3.7.10-1.40.1 kernel-debug-debuginfo-3.7.10-1.40.1 kernel-debug-debugsource-3.7.10-1.40.1 kernel-debug-devel-3.7.10-1.40.1 kernel-debug-devel-debuginfo-3.7.10-1.40.1 kernel-desktop-3.7.10-1.40.1 kernel-desktop-base-3.7.10-1.40.1 kernel-desktop-base-debuginfo-3.7.10-1.40.1 kernel-desktop-debuginfo-3.7.10-1.40.1 kernel-desktop-debugsource-3.7.10-1.40.1 kernel-desktop-devel-3.7.10-1.40.1 kernel-desktop-devel-debuginfo-3.7.10-1.40.1 kernel-ec2-3.7.10-1.40.1 kernel-ec2-base-3.7.10-1.40.1 kernel-ec2-base-debuginfo-3.7.10-1.40.1 kernel-ec2-debuginfo-3.7.10-1.40.1 kernel-ec2-debugsource-3.7.10-1.40.1 kernel-ec2-devel-3.7.10-1.40.1 kernel-ec2-devel-debuginfo-3.7.10-1.40.1 kernel-trace-3.7.10-1.40.1 kernel-trace-base-3.7.10-1.40.1 kernel-trace-base-debuginfo-3.7.10-1.40.1 kernel-trace-debuginfo-3.7.10-1.40.1 kernel-trace-debugsource-3.7.10-1.40.1 kernel-trace-devel-3.7.10-1.40.1 kernel-trace-devel-debuginfo-3.7.10-1.40.1 kernel-vanilla-3.7.10-1.40.1 kernel-vanilla-debuginfo-3.7.10-1.40.1 kernel-vanilla-debugsource-3.7.10-1.40.1 kernel-vanilla-devel-3.7.10-1.40.1 kernel-vanilla-devel-debuginfo-3.7.10-1.40.1 kernel-xen-3.7.10-1.40.1 kernel-xen-base-3.7.10-1.40.1 kernel-xen-base-debuginfo-3.7.10-1.40.1 kernel-xen-debuginfo-3.7.10-1.40.1 kernel-xen-debugsource-3.7.10-1.40.1 kernel-xen-devel-3.7.10-1.40.1 kernel-xen-devel-debuginfo-3.7.10-1.40.1 - openSUSE 12.3 (noarch): kernel-devel-3.7.10-1.40.1 kernel-docs-3.7.10-1.40.2 kernel-source-3.7.10-1.40.1 kernel-source-vanilla-3.7.10-1.40.1 - openSUSE 12.3 (i686): kernel-pae-3.7.10-1.40.1 kernel-pae-base-3.7.10-1.40.1 kernel-pae-base-debuginfo-3.7.10-1.40.1 kernel-pae-debuginfo-3.7.10-1.40.1 kernel-pae-debugsource-3.7.10-1.40.1 kernel-pae-devel-3.7.10-1.40.1 kernel-pae-devel-debuginfo-3.7.10-1.40.1 References: http://support.novell.com/security/cve/CVE-2014-0131.html http://support.novell.com/security/cve/CVE-2014-2309.html http://support.novell.com/security/cve/CVE-2014-3144.html http://support.novell.com/security/cve/CVE-2014-3145.html http://support.novell.com/security/cve/CVE-2014-3917.html http://support.novell.com/security/cve/CVE-2014-4014.html http://support.novell.com/security/cve/CVE-2014-4171.html http://support.novell.com/security/cve/CVE-2014-4508.html http://support.novell.com/security/cve/CVE-2014-4652.html http://support.novell.com/security/cve/CVE-2014-4653.html http://support.novell.com/security/cve/CVE-2014-4654.html http://support.novell.com/security/cve/CVE-2014-4655.html http://support.novell.com/security/cve/CVE-2014-4656.html http://support.novell.com/security/cve/CVE-2014-4667.html http://support.novell.com/security/cve/CVE-2014-4699.html https://bugzilla.novell.com/788080 https://bugzilla.novell.com/867531 https://bugzilla.novell.com/867723 https://bugzilla.novell.com/877257 https://bugzilla.novell.com/880484 https://bugzilla.novell.com/882189 https://bugzilla.novell.com/883518 https://bugzilla.novell.com/883724 https://bugzilla.novell.com/883795 https://bugzilla.novell.com/885422 https://bugzilla.novell.com/885725 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0