April 2015 - openSUSE Security Announce

[security-announce] openSUSE-SU-2015:0718-1: important: Security update for Adobe Flash Player
by opensuse-security＠opensuse.org 15 Apr '15

15 Apr '15

openSUSE Security Update: Security update for Adobe Flash Player ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:0718-1 Rating: important References: #927089 Cross-References: CVE-2015-0346 CVE-2015-0347 CVE-2015-0348 CVE-2015-0349 CVE-2015-0350 CVE-2015-0351 CVE-2015-0352 CVE-2015-0353 CVE-2015-0354 CVE-2015-0355 CVE-2015-0356 CVE-2015-0357 CVE-2015-0358 CVE-2015-0359 CVE-2015-0360 CVE-2015-3038 CVE-2015-3039 CVE-2015-3040 CVE-2015-3041 CVE-2015-3042 CVE-2015-3043 CVE-2015-3044 Affected Products: openSUSE 13.2:NonFree openSUSE 13.1:NonFree ______________________________________________________________________________ An update that fixes 22 vulnerabilities is now available. Description: Adobe Flash Player was updated to 11.2.202.457 to fix several security issues that could lead to remote code execution. An exploit for CVE-2015-3043 was reported to exist in the wild. The following vulnerabilities were fixed: * Memory corruption vulnerabilities that could lead to code execution (CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, CVE-2015-3043). * Type confusion vulnerability that could lead to code execution (CVE-2015-0356). * Buffer overflow vulnerability that could lead to code execution (CVE-2015-0348). * Use-after-free vulnerabilities that could lead to code execution (CVE-2015-0349, CVE-2015-0351, CVE-2015-0358, CVE-2015-3039). * Double-free vulnerabilities that could lead to code execution (CVE-2015-0346, CVE-2015-0359). * Memory leak vulnerabilities that could be used to bypass ASLR (CVE-2015-0357, CVE-2015-3040). * Security bypass vulnerability that could lead to information disclosure (CVE-2015-3044). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2:NonFree: zypper in -t patch openSUSE-2015-304=1 - openSUSE 13.1:NonFree: zypper in -t patch openSUSE-2015-304=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2:NonFree (i586 x86_64): flash-player-11.2.202.457-2.48.1 flash-player-gnome-11.2.202.457-2.48.1 flash-player-kde4-11.2.202.457-2.48.1 - openSUSE 13.1:NonFree (i586 x86_64): flash-player-11.2.202.457-113.1 flash-player-gnome-11.2.202.457-113.1 flash-player-kde4-11.2.202.457-113.1 References: https://www.suse.com/security/cve/CVE-2015-0346.html https://www.suse.com/security/cve/CVE-2015-0347.html https://www.suse.com/security/cve/CVE-2015-0348.html https://www.suse.com/security/cve/CVE-2015-0349.html https://www.suse.com/security/cve/CVE-2015-0350.html https://www.suse.com/security/cve/CVE-2015-0351.html https://www.suse.com/security/cve/CVE-2015-0352.html https://www.suse.com/security/cve/CVE-2015-0353.html https://www.suse.com/security/cve/CVE-2015-0354.html https://www.suse.com/security/cve/CVE-2015-0355.html https://www.suse.com/security/cve/CVE-2015-0356.html https://www.suse.com/security/cve/CVE-2015-0357.html https://www.suse.com/security/cve/CVE-2015-0358.html https://www.suse.com/security/cve/CVE-2015-0359.html https://www.suse.com/security/cve/CVE-2015-0360.html https://www.suse.com/security/cve/CVE-2015-3038.html https://www.suse.com/security/cve/CVE-2015-3039.html https://www.suse.com/security/cve/CVE-2015-3040.html https://www.suse.com/security/cve/CVE-2015-3041.html https://www.suse.com/security/cve/CVE-2015-3042.html https://www.suse.com/security/cve/CVE-2015-3043.html https://www.suse.com/security/cve/CVE-2015-3044.html https://bugzilla.suse.com/927089 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2015:0714-1: important: Security update for the Linux Kernel
by opensuse-security＠opensuse.org 13 Apr '15

13 Apr '15

openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:0714-1 Rating: important References: #903640 #904899 #907988 #909078 #910150 #911325 #911326 #912202 #912654 #912705 #913059 #913695 #914175 #915322 #917839 #920901 Cross-References: CVE-2014-7822 CVE-2014-8134 CVE-2014-8160 CVE-2014-8173 CVE-2014-8559 CVE-2014-9419 CVE-2014-9420 CVE-2014-9529 CVE-2014-9584 CVE-2014-9585 CVE-2015-1593 Affected Products: openSUSE 13.1 ______________________________________________________________________________ An update that solves 11 vulnerabilities and has 5 fixes is now available. Description: The Linux kernel was updated to fix various bugs and security issues. Following security issues were fixed: - CVE-2014-8173: A NULL pointer dereference flaw was found in the way the Linux kernels madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could have used this flaw to crash the system. - CVE-2015-1593: A integer overflow reduced the effectiveness of the stack randomization on 64-bit systems. - CVE-2014-7822: A flaw was found in the way the Linux kernels splice() system call validated its parameters. On certain file systems, a local, unprivileged user could have used this flaw to write past the maximum file size, and thus crash the system. - CVE-2014-9419: The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel did not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which made it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address. - CVE-2014-8134: The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel used an improper paravirt_enabled setting for KVM guest kernels, which made it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value. - CVE-2014-8160: net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel generated incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allowed remote attackers to bypass intended access restrictions via packets with disallowed port numbers. - CVE-2014-9529: Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key. - CVE-2014-8559: The d_walk function in fs/dcache.c in the Linux kernel through did not properly maintain the semantics of rename_lock, which allowed local users to cause a denial of service (deadlock and system hang) via a crafted application. - CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the Linux kernel did not restrict the number of Rock Ridge continuation entries, which allowed local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image. - CVE-2014-9584: The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel did not validate a length value in the Extensions Reference (ER) System Use Field, which allowed local users to obtain sensitive information from kernel memory via a crafted iso9660 image. - CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel did not properly choose memory locations for the vDSO area, which made it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD. Following bugs were fixed: - HID: usbhid: enable always-poll quirk for Elan Touchscreen 0103 (bnc#920901). - HID: usbhid: enable always-poll quirk for Elan Touchscreen 016f (bnc#920901). - HID: usbhid: enable always-poll quirk for Elan Touchscreen 009b (bnc#920901). - HID: usbhid: add another mouse that needs QUIRK_ALWAYS_POLL (bnc#920901). - HID: usbhid: fix PIXART optical mouse (bnc#920901). - HID: usbhid: enable always-poll quirk for Elan Touchscreen (bnc#920901). - HID: usbhid: add always-poll quirk (bnc#920901). - storvsc: ring buffer failures may result in I/O freeze (bnc#914175). - mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled process being killed (VM Functionality bnc#910150). - Input: evdev - fix EVIOCG{type} ioctl (bnc#904899). - mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount (bsc#907988). - DocBook: Do not exceed argument list limit. - DocBook: Make mandocs parallel-safe. - mm: free compound page with correct order (bnc#913695). - udf: Check component length before reading it. - udf: Check path length when reading symlink. - udf: Verify symlink size before loading it. - udf: Verify i_size when loading inode. - xfs: remote attribute overwrite causes transaction overrun. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch openSUSE-2015-301=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (i686 x86_64): kernel-debug-3.11.10-29.1 kernel-debug-base-3.11.10-29.1 kernel-debug-base-debuginfo-3.11.10-29.1 kernel-debug-debuginfo-3.11.10-29.1 kernel-debug-debugsource-3.11.10-29.1 kernel-debug-devel-3.11.10-29.1 kernel-debug-devel-debuginfo-3.11.10-29.1 kernel-desktop-3.11.10-29.1 kernel-desktop-base-3.11.10-29.1 kernel-desktop-base-debuginfo-3.11.10-29.1 kernel-desktop-debuginfo-3.11.10-29.1 kernel-desktop-debugsource-3.11.10-29.1 kernel-desktop-devel-3.11.10-29.1 kernel-desktop-devel-debuginfo-3.11.10-29.1 kernel-ec2-3.11.10-29.1 kernel-ec2-base-3.11.10-29.1 kernel-ec2-base-debuginfo-3.11.10-29.1 kernel-ec2-debuginfo-3.11.10-29.1 kernel-ec2-debugsource-3.11.10-29.1 kernel-ec2-devel-3.11.10-29.1 kernel-ec2-devel-debuginfo-3.11.10-29.1 kernel-trace-3.11.10-29.1 kernel-trace-base-3.11.10-29.1 kernel-trace-base-debuginfo-3.11.10-29.1 kernel-trace-debuginfo-3.11.10-29.1 kernel-trace-debugsource-3.11.10-29.1 kernel-trace-devel-3.11.10-29.1 kernel-trace-devel-debuginfo-3.11.10-29.1 kernel-vanilla-3.11.10-29.1 kernel-vanilla-debuginfo-3.11.10-29.1 kernel-vanilla-debugsource-3.11.10-29.1 kernel-vanilla-devel-3.11.10-29.1 kernel-vanilla-devel-debuginfo-3.11.10-29.1 kernel-xen-3.11.10-29.1 kernel-xen-base-3.11.10-29.1 kernel-xen-base-debuginfo-3.11.10-29.1 kernel-xen-debuginfo-3.11.10-29.1 kernel-xen-debugsource-3.11.10-29.1 kernel-xen-devel-3.11.10-29.1 kernel-xen-devel-debuginfo-3.11.10-29.1 - openSUSE 13.1 (i586 x86_64): cloop-2.639-11.19.1 cloop-debuginfo-2.639-11.19.1 cloop-debugsource-2.639-11.19.1 cloop-kmp-default-2.639_k3.11.10_29-11.19.1 cloop-kmp-default-debuginfo-2.639_k3.11.10_29-11.19.1 cloop-kmp-desktop-2.639_k3.11.10_29-11.19.1 cloop-kmp-desktop-debuginfo-2.639_k3.11.10_29-11.19.1 cloop-kmp-xen-2.639_k3.11.10_29-11.19.1 cloop-kmp-xen-debuginfo-2.639_k3.11.10_29-11.19.1 crash-7.0.2-2.19.1 crash-debuginfo-7.0.2-2.19.1 crash-debugsource-7.0.2-2.19.1 crash-devel-7.0.2-2.19.1 crash-doc-7.0.2-2.19.1 crash-eppic-7.0.2-2.19.1 crash-eppic-debuginfo-7.0.2-2.19.1 crash-gcore-7.0.2-2.19.1 crash-gcore-debuginfo-7.0.2-2.19.1 crash-kmp-default-7.0.2_k3.11.10_29-2.19.1 crash-kmp-default-debuginfo-7.0.2_k3.11.10_29-2.19.1 crash-kmp-desktop-7.0.2_k3.11.10_29-2.19.1 crash-kmp-desktop-debuginfo-7.0.2_k3.11.10_29-2.19.1 crash-kmp-xen-7.0.2_k3.11.10_29-2.19.1 crash-kmp-xen-debuginfo-7.0.2_k3.11.10_29-2.19.1 hdjmod-debugsource-1.28-16.19.1 hdjmod-kmp-default-1.28_k3.11.10_29-16.19.1 hdjmod-kmp-default-debuginfo-1.28_k3.11.10_29-16.19.1 hdjmod-kmp-desktop-1.28_k3.11.10_29-16.19.1 hdjmod-kmp-desktop-debuginfo-1.28_k3.11.10_29-16.19.1 hdjmod-kmp-xen-1.28_k3.11.10_29-16.19.1 hdjmod-kmp-xen-debuginfo-1.28_k3.11.10_29-16.19.1 ipset-6.21.1-2.23.1 ipset-debuginfo-6.21.1-2.23.1 ipset-debugsource-6.21.1-2.23.1 ipset-devel-6.21.1-2.23.1 ipset-kmp-default-6.21.1_k3.11.10_29-2.23.1 ipset-kmp-default-debuginfo-6.21.1_k3.11.10_29-2.23.1 ipset-kmp-desktop-6.21.1_k3.11.10_29-2.23.1 ipset-kmp-desktop-debuginfo-6.21.1_k3.11.10_29-2.23.1 ipset-kmp-xen-6.21.1_k3.11.10_29-2.23.1 ipset-kmp-xen-debuginfo-6.21.1_k3.11.10_29-2.23.1 iscsitarget-1.4.20.3-13.19.1 iscsitarget-debuginfo-1.4.20.3-13.19.1 iscsitarget-debugsource-1.4.20.3-13.19.1 iscsitarget-kmp-default-1.4.20.3_k3.11.10_29-13.19.1 iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.11.10_29-13.19.1 iscsitarget-kmp-desktop-1.4.20.3_k3.11.10_29-13.19.1 iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.11.10_29-13.19.1 iscsitarget-kmp-xen-1.4.20.3_k3.11.10_29-13.19.1 iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.11.10_29-13.19.1 kernel-default-3.11.10-29.1 kernel-default-base-3.11.10-29.1 kernel-default-base-debuginfo-3.11.10-29.1 kernel-default-debuginfo-3.11.10-29.1 kernel-default-debugsource-3.11.10-29.1 kernel-default-devel-3.11.10-29.1 kernel-default-devel-debuginfo-3.11.10-29.1 kernel-syms-3.11.10-29.1 libipset3-6.21.1-2.23.1 libipset3-debuginfo-6.21.1-2.23.1 ndiswrapper-1.58-19.1 ndiswrapper-debuginfo-1.58-19.1 ndiswrapper-debugsource-1.58-19.1 ndiswrapper-kmp-default-1.58_k3.11.10_29-19.1 ndiswrapper-kmp-default-debuginfo-1.58_k3.11.10_29-19.1 ndiswrapper-kmp-desktop-1.58_k3.11.10_29-19.1 ndiswrapper-kmp-desktop-debuginfo-1.58_k3.11.10_29-19.1 pcfclock-0.44-258.19.1 pcfclock-debuginfo-0.44-258.19.1 pcfclock-debugsource-0.44-258.19.1 pcfclock-kmp-default-0.44_k3.11.10_29-258.19.1 pcfclock-kmp-default-debuginfo-0.44_k3.11.10_29-258.19.1 pcfclock-kmp-desktop-0.44_k3.11.10_29-258.19.1 pcfclock-kmp-desktop-debuginfo-0.44_k3.11.10_29-258.19.1 python-virtualbox-4.2.28-2.28.1 python-virtualbox-debuginfo-4.2.28-2.28.1 vhba-kmp-debugsource-20130607-2.20.1 vhba-kmp-default-20130607_k3.11.10_29-2.20.1 vhba-kmp-default-debuginfo-20130607_k3.11.10_29-2.20.1 vhba-kmp-desktop-20130607_k3.11.10_29-2.20.1 vhba-kmp-desktop-debuginfo-20130607_k3.11.10_29-2.20.1 vhba-kmp-xen-20130607_k3.11.10_29-2.20.1 vhba-kmp-xen-debuginfo-20130607_k3.11.10_29-2.20.1 virtualbox-4.2.28-2.28.1 virtualbox-debuginfo-4.2.28-2.28.1 virtualbox-debugsource-4.2.28-2.28.1 virtualbox-devel-4.2.28-2.28.1 virtualbox-guest-kmp-default-4.2.28_k3.11.10_29-2.28.1 virtualbox-guest-kmp-default-debuginfo-4.2.28_k3.11.10_29-2.28.1 virtualbox-guest-kmp-desktop-4.2.28_k3.11.10_29-2.28.1 virtualbox-guest-kmp-desktop-debuginfo-4.2.28_k3.11.10_29-2.28.1 virtualbox-guest-tools-4.2.28-2.28.1 virtualbox-guest-tools-debuginfo-4.2.28-2.28.1 virtualbox-guest-x11-4.2.28-2.28.1 virtualbox-guest-x11-debuginfo-4.2.28-2.28.1 virtualbox-host-kmp-default-4.2.28_k3.11.10_29-2.28.1 virtualbox-host-kmp-default-debuginfo-4.2.28_k3.11.10_29-2.28.1 virtualbox-host-kmp-desktop-4.2.28_k3.11.10_29-2.28.1 virtualbox-host-kmp-desktop-debuginfo-4.2.28_k3.11.10_29-2.28.1 virtualbox-qt-4.2.28-2.28.1 virtualbox-qt-debuginfo-4.2.28-2.28.1 virtualbox-websrv-4.2.28-2.28.1 virtualbox-websrv-debuginfo-4.2.28-2.28.1 xen-debugsource-4.3.3_04-37.1 xen-devel-4.3.3_04-37.1 xen-kmp-default-4.3.3_04_k3.11.10_29-37.1 xen-kmp-default-debuginfo-4.3.3_04_k3.11.10_29-37.1 xen-kmp-desktop-4.3.3_04_k3.11.10_29-37.1 xen-kmp-desktop-debuginfo-4.3.3_04_k3.11.10_29-37.1 xen-libs-4.3.3_04-37.1 xen-libs-debuginfo-4.3.3_04-37.1 xen-tools-domU-4.3.3_04-37.1 xen-tools-domU-debuginfo-4.3.3_04-37.1 xtables-addons-2.3-2.19.1 xtables-addons-debuginfo-2.3-2.19.1 xtables-addons-debugsource-2.3-2.19.1 xtables-addons-kmp-default-2.3_k3.11.10_29-2.19.1 xtables-addons-kmp-default-debuginfo-2.3_k3.11.10_29-2.19.1 xtables-addons-kmp-desktop-2.3_k3.11.10_29-2.19.1 xtables-addons-kmp-desktop-debuginfo-2.3_k3.11.10_29-2.19.1 xtables-addons-kmp-xen-2.3_k3.11.10_29-2.19.1 xtables-addons-kmp-xen-debuginfo-2.3_k3.11.10_29-2.19.1 - openSUSE 13.1 (noarch): kernel-devel-3.11.10-29.1 kernel-docs-3.11.10-29.2 kernel-source-3.11.10-29.1 kernel-source-vanilla-3.11.10-29.1 - openSUSE 13.1 (x86_64): xen-4.3.3_04-37.1 xen-doc-html-4.3.3_04-37.1 xen-libs-32bit-4.3.3_04-37.1 xen-libs-debuginfo-32bit-4.3.3_04-37.1 xen-tools-4.3.3_04-37.1 xen-tools-debuginfo-4.3.3_04-37.1 xen-xend-tools-4.3.3_04-37.1 xen-xend-tools-debuginfo-4.3.3_04-37.1 - openSUSE 13.1 (i686): kernel-pae-3.11.10-29.1 kernel-pae-base-3.11.10-29.1 kernel-pae-base-debuginfo-3.11.10-29.1 kernel-pae-debuginfo-3.11.10-29.1 kernel-pae-debugsource-3.11.10-29.1 kernel-pae-devel-3.11.10-29.1 kernel-pae-devel-debuginfo-3.11.10-29.1 - openSUSE 13.1 (i586): cloop-kmp-pae-2.639_k3.11.10_29-11.19.1 cloop-kmp-pae-debuginfo-2.639_k3.11.10_29-11.19.1 crash-kmp-pae-7.0.2_k3.11.10_29-2.19.1 crash-kmp-pae-debuginfo-7.0.2_k3.11.10_29-2.19.1 hdjmod-kmp-pae-1.28_k3.11.10_29-16.19.1 hdjmod-kmp-pae-debuginfo-1.28_k3.11.10_29-16.19.1 ipset-kmp-pae-6.21.1_k3.11.10_29-2.23.1 ipset-kmp-pae-debuginfo-6.21.1_k3.11.10_29-2.23.1 iscsitarget-kmp-pae-1.4.20.3_k3.11.10_29-13.19.1 iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.11.10_29-13.19.1 ndiswrapper-kmp-pae-1.58_k3.11.10_29-19.1 ndiswrapper-kmp-pae-debuginfo-1.58_k3.11.10_29-19.1 pcfclock-kmp-pae-0.44_k3.11.10_29-258.19.1 pcfclock-kmp-pae-debuginfo-0.44_k3.11.10_29-258.19.1 vhba-kmp-pae-20130607_k3.11.10_29-2.20.1 vhba-kmp-pae-debuginfo-20130607_k3.11.10_29-2.20.1 virtualbox-guest-kmp-pae-4.2.28_k3.11.10_29-2.28.1 virtualbox-guest-kmp-pae-debuginfo-4.2.28_k3.11.10_29-2.28.1 virtualbox-host-kmp-pae-4.2.28_k3.11.10_29-2.28.1 virtualbox-host-kmp-pae-debuginfo-4.2.28_k3.11.10_29-2.28.1 xen-kmp-pae-4.3.3_04_k3.11.10_29-37.1 xen-kmp-pae-debuginfo-4.3.3_04_k3.11.10_29-37.1 xtables-addons-kmp-pae-2.3_k3.11.10_29-2.19.1 xtables-addons-kmp-pae-debuginfo-2.3_k3.11.10_29-2.19.1 References: https://www.suse.com/security/cve/CVE-2014-7822.html https://www.suse.com/security/cve/CVE-2014-8134.html https://www.suse.com/security/cve/CVE-2014-8160.html https://www.suse.com/security/cve/CVE-2014-8173.html https://www.suse.com/security/cve/CVE-2014-8559.html https://www.suse.com/security/cve/CVE-2014-9419.html https://www.suse.com/security/cve/CVE-2014-9420.html https://www.suse.com/security/cve/CVE-2014-9529.html https://www.suse.com/security/cve/CVE-2014-9584.html https://www.suse.com/security/cve/CVE-2014-9585.html https://www.suse.com/security/cve/CVE-2015-1593.html https://bugzilla.suse.com/903640 https://bugzilla.suse.com/904899 https://bugzilla.suse.com/907988 https://bugzilla.suse.com/909078 https://bugzilla.suse.com/910150 https://bugzilla.suse.com/911325 https://bugzilla.suse.com/911326 https://bugzilla.suse.com/912202 https://bugzilla.suse.com/912654 https://bugzilla.suse.com/912705 https://bugzilla.suse.com/913059 https://bugzilla.suse.com/913695 https://bugzilla.suse.com/914175 https://bugzilla.suse.com/915322 https://bugzilla.suse.com/917839 https://bugzilla.suse.com/920901 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2015:0713-1: important: Security update for Linux Kernel
by opensuse-security＠opensuse.org 13 Apr '15

13 Apr '15

openSUSE Security Update: Security update for Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:0713-1 Rating: important References: #867199 #893428 #895797 #900811 #901925 #903589 #903640 #904899 #905681 #907039 #907818 #907988 #908582 #908588 #908589 #908592 #908593 #908594 #908596 #908598 #908603 #908604 #908605 #908606 #908608 #908610 #908612 #909077 #909078 #909477 #909634 #910150 #910322 #910440 #911311 #911325 #911326 #911356 #911438 #911578 #911835 #912061 #912202 #912429 #912705 #913059 #913466 #913695 #914175 #915425 #915454 #915456 #915577 #915858 #916608 #917830 #917839 #918954 #918970 #919463 #920581 #920604 #921313 #922542 #922944 Cross-References: CVE-2014-8134 CVE-2014-8160 CVE-2014-8559 CVE-2014-9419 CVE-2014-9420 CVE-2014-9428 CVE-2014-9529 CVE-2014-9584 CVE-2014-9585 CVE-2015-0777 CVE-2015-1421 CVE-2015-1593 CVE-2015-2150 Affected Products: openSUSE 13.2 ______________________________________________________________________________ An update that solves 13 vulnerabilities and has 52 fixes is now available. Description: The Linux kernel was updated to fix bugs and security issues: Following security issues were fixed: - CVE-2015-1421: Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel allowed remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data. - CVE-2015-2150: XSA-120: Guests were permitted to modify all bits of the PCI command register of passed through cards, which could lead to Host system crashes. - CVE-2015-0777: The XEN usb backend could leak information to the guest system due to copying uninitialized memory. - CVE-2015-1593: A integer overflow reduced the effectiveness of the stack randomization on 64-bit systems. - CVE-2014-9419: The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel did not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which made it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address. - CVE-2014-9428: The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel used an incorrect length field during a calculation of an amount of memory, which allowed remote attackers to cause a denial of service (mesh-node system crash) via fragmented packets. - CVE-2014-8160: net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel generated incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allowed remote attackers to bypass intended access restrictions via packets with disallowed port numbers. - CVE-2014-9529: Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key. - CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the Linux kernel did not restrict the number of Rock Ridge continuation entries, which allowed local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image. - CVE-2014-9584: The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel did not validate a length value in the Extensions Reference (ER) System Use Field, which allowed local users to obtain sensitive information from kernel memory via a crafted iso9660 image. - CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel did not properly choose memory locations for the vDSO area, which made it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD. - CVE-2014-8559: The d_walk function in fs/dcache.c in the Linux kernel through did not properly maintain the semantics of rename_lock, which allowed local users to cause a denial of service (deadlock and system hang) via a crafted application. - CVE-2014-8134: The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel used an improper paravirt_enabled setting for KVM guest kernels, which made it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value. Following bugs were fixed: - powerpc/pci: Fix IO space breakage after of_pci_range_to_resource() change (bnc#922542). - cifs: fix use-after-free bug in find_writable_file (bnc#909477). - usb: Do not allow usb_alloc_streams on unconfigured devices (bsc#920581). - fuse: honour max_read and max_write in direct_io mode (bnc#918954). - switch iov_iter_get_pages() to passing maximal number of pages (bnc#918954). - bcache: fix a livelock in btree lock v2 (bnc#910440) (bnc#910440). Updated because another version went upstream - drm/i915: Initialise userptr mmu_notifier serial to 1 (bnc#918970). - NFS: Don't try to reclaim delegation open state if recovery failed (boo#909634). - NFSv4: Ensure that we call FREE_STATEID when NFSv4.x stateids are revoked (boo#909634). - NFSv4: Fix races between nfs_remove_bad_delegation() and delegation return (boo#909634). - NFSv4: Ensure that we remove NFSv4.0 delegations when state has expired (boo#909634). - Fixing lease renewal (boo#909634). - bcache: Fix a bug when detaching (bsc#908582). - fix a leak in bch_cached_dev_run() (bnc#910440). - bcache: unregister reboot notifier when bcache fails to register a block device (bnc#910440). - bcache: fix a livelock in btree lock (bnc#910440). - bcache: [BUG] clear BCACHE_DEV_UNLINK_DONE flag when attaching a backing device (bnc#910440). - bcache: Add a cond_resched() call to gc (bnc#910440). - storvsc: ring buffer failures may result in I/O freeze (bnc#914175). - ALSA: seq-dummy: remove deadlock-causing events on close (boo#916608). - ALSA: pcm: Zero-clear reserved fields of PCM status ioctl in compat mode (boo#916608). - ALSA: bebob: Uninitialized id returned by saffirepro_both_clk_src_get (boo#916608). - ALSA: hda - Fix built-in mic on Compaq Presario CQ60 (bnc#920604). - ALSA: hda - Fix regression of HD-audio controller fallback modes (bsc#921313). - [media] sound: Update au0828 quirks table (boo#916608). - [media] sound: simplify au0828 quirk table (boo#916608). - ALSA: usb-audio: Add mic volume fix quirk for Logitech Webcam C210 (boo#916608). - ALSA: usb-audio: extend KEF X300A FU 10 tweak to Arcam rPAC (boo#916608). - ALSA: usb-audio: Add ctrl message delay quirk for Marantz/Denon devices (boo#916608). - ALSA: usb-audio: Fix memory leak in FTU quirk (boo#916608). - ALSA: usb-audio: Fix device_del() sysfs warnings at disconnect (boo#916608). - ALSA: hda - Add new GPU codec ID 0x10de0072 to snd-hda (boo#916608). - ALSA: hda - Fix wrong gpio_dir & gpio_mask hint setups for IDT/STAC codecs (boo#916608). - ALSA: hda/realtek - New codec support for ALC298 (boo#916608). - ALSA: hda/realtek - New codec support for ALC256 (boo#916608). - ALSA: hda/realtek - Add new Dell desktop for ALC3234 headset mode (boo#916608). - ALSA: hda - Add EAPD fixup for ASUS Z99He laptop (boo#916608). - ALSA: hda - Fix built-in mic at resume on Lenovo Ideapad S210 (boo#916608). - ALSA: hda/realtek - Add headset Mic support for new Dell machine (boo#916608). - ALSA: hda_intel: Add DeviceIDs for Sunrise Point-LP (boo#916608). - ALSA: hda_intel: Add Device IDs for Intel Sunrise Point PCH (boo#916608). - ALSA: hda - add codec ID for Braswell display audio codec (boo#916608). - ALSA: hda - add PCI IDs for Intel Braswell (boo#916608). - ALSA: hda - Add dock support for Thinkpad T440 (17aa:2212) (boo#916608). - ALSA: hda - Set up GPIO for Toshiba Satellite S50D (bnc#915858). - rpm/kernel-binary.spec.in: Fix build if there is no *.crt file - mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled process being killed (VM Functionality bnc#910150). - Input: evdev - fix EVIOCG{type} ioctl (bnc#904899). - mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount (bsc#907988). - Btrfs: fix scrub race leading to use-after-free (bnc#915456). - Btrfs: fix setup_leaf_for_split() to avoid leaf corruption (bnc#915454). - Btrfs: fix fsync log replay for inodes with a mix of regular refs and extrefs (bnc#915425). - Btrfs: fix fsync when extend references are added to an inode (bnc#915425). - Btrfs: fix directory inconsistency after fsync log replay (bnc#915425). - Btrfs: make xattr replace operations atomic (bnc#913466). - Btrfs: fix directory recovery from fsync log (bnc#895797). - bcache: add mutex lock for bch_is_open (bnc#908612). - bcache: Correct printing of btree_gc_max_duration_ms (bnc#908610). - bcache: fix crash with incomplete cache set (bnc#908608). - bcache: fix memory corruption in init error path (bnc#908606). - bcache: Fix more early shutdown bugs (bnc#908605). - bcache: fix use-after-free in btree_gc_coalesce() (bnc#908604). - bcache: Fix an infinite loop in journal replay (bnc#908603). - bcache: fix typo in bch_bkey_equal_header (bnc#908598). - bcache: Make sure to pass GFP_WAIT to mempool_alloc() (bnc#908596). - bcache: fix crash on shutdown in passthrough mode (bnc#908594). - bcache: fix lockdep warnings on shutdown (bnc#908593). - bcache allocator: send discards with correct size (bnc#908592). - bcache: Fix to remove the rcu_sched stalls (bnc#908589). - bcache: Fix a journal replay bug (bnc#908588). - Update x86_64 config files: CONFIG_SENSORS_NCT6683=m The nct6683 driver is already enabled on i386 and history suggests that it not being enabled on x86_64 is by mistake. - rpm/kernel-binary.spec.in: Own the modules directory in the devel package (bnc#910322) - Revert "iwlwifi: mvm: treat EAPOLs like mgmt frames wrt rate" (bnc#900811). - mm: free compound page with correct order (bnc#913695). - drm/i915: More cautious with pch fifo underruns (boo#907039). - Refresh patches.arch/arm64-0039-generic-pci.patch (fix PCI bridge support) - x86/microcode/intel: Fish out the stashed microcode for the BSP (bsc#903589). - x86, microcode: Reload microcode on resume (bsc#903589). - x86, microcode: Don't initialize microcode code on paravirt (bsc#903589). - x86, microcode, intel: Drop unused parameter (bsc#903589). - x86, microcode, AMD: Do not use smp_processor_id() in preemtible context (bsc#903589). - x86, microcode: Update BSPs microcode on resume (bsc#903589). - x86, microcode, AMD: Fix ucode patch stashing on 32-bit (bsc#903589). - x86, microcode: Fix accessing dis_ucode_ldr on 32-bit (bsc#903589). - x86, microcode, AMD: Fix early ucode loading on 32-bit (bsc#903589). - Bluetooth: Add support for Broadcom BCM20702A0 variants firmware download (bnc#911311). - drm/radeon: fix sad_count check for dce3 (bnc#911356). - drm/i915: Don't call intel_prepare_page_flip() multiple times on gen2-4 (bnc#911835). - udf: Check component length before reading it. - udf: Check path length when reading symlink. - udf: Verify symlink size before loading it. - udf: Verify i_size when loading inode. - arm64: Enable DRM - arm64: Enable generic PHB driver (bnc#912061). - ACPI / video: Add some Samsung models to disable_native_backlight list (boo#905681). - asus-nb-wmi: Add another wapf=4 quirk (boo#911438). - asus-nb-wmi: Add wapf4 quirk for the X550VB (boo#911438). - asus-nb-wmi: Add wapf4 quirk for the U32U (boo#911438). - asus-nb-wmi: Add wapf4 quirk for the X550CC (boo#911438). - asus-nb-wmi: Constify asus_quirks DMI table (boo#911438). - asus-nb-wmi: Add wapf4 quirk for the X550CL (boo#911438). - asus-nb-wmi.c: Rename x401u quirk to wapf4 (boo#911438). - asus-nb-wmi: Add ASUSTeK COMPUTER INC. X200CA (boo#911438). - WAPF 4 for ASUSTeK COMPUTER INC. X75VBP WLAN ON (boo#911438). - Input: synaptics - gate forcepad support by DMI check (bnc#911578). - ext4: introduce aging to extent status tree (bnc#893428). - ext4: cleanup flag definitions for extent status tree (bnc#893428). - ext4: limit number of scanned extents in status tree shrinker (bnc#893428). - ext4: move handling of list of shrinkable inodes into extent status code (bnc#893428). - ext4: change LRU to round-robin in extent status tree shrinker (bnc#893428). - ext4: cache extent hole in extent status tree for ext4_da_map_blocks() (bnc#893428). - ext4: fix block reservation for bigalloc filesystems (bnc#893428). - ext4: track extent status tree shrinker delay statictics (bnc#893428). - ext4: improve extents status tree trace point (bnc#893428). - rpm/kernel-binary.spec.in: Provide name-version-release for kgraft packages (bnc#901925) - rpm/kernel-binary.spec.in: Fix including the secure boot cert in /etc/uefi/certs - doc/README.SUSE: update Solid Driver team contacts - rpm/kernel-binary.spec.in: Do not sign firmware files (bnc#867199) - Port module signing changes from SLE11-SP3 (fate#314508) - doc/README.PATCH-POLICY.SUSE: add patch policy / best practices document after installation. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2015-302=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (i686 x86_64): kernel-debug-3.16.7-13.2 kernel-debug-base-3.16.7-13.2 kernel-debug-base-debuginfo-3.16.7-13.2 kernel-debug-debuginfo-3.16.7-13.2 kernel-debug-debugsource-3.16.7-13.2 kernel-debug-devel-3.16.7-13.2 kernel-debug-devel-debuginfo-3.16.7-13.2 kernel-desktop-3.16.7-13.2 kernel-desktop-base-3.16.7-13.2 kernel-desktop-base-debuginfo-3.16.7-13.2 kernel-desktop-debuginfo-3.16.7-13.2 kernel-desktop-debugsource-3.16.7-13.2 kernel-desktop-devel-3.16.7-13.2 kernel-ec2-3.16.7-13.2 kernel-ec2-base-3.16.7-13.2 kernel-ec2-base-debuginfo-3.16.7-13.2 kernel-ec2-debuginfo-3.16.7-13.2 kernel-ec2-debugsource-3.16.7-13.2 kernel-ec2-devel-3.16.7-13.2 kernel-vanilla-3.16.7-13.2 kernel-vanilla-debuginfo-3.16.7-13.2 kernel-vanilla-debugsource-3.16.7-13.2 kernel-vanilla-devel-3.16.7-13.2 kernel-xen-3.16.7-13.2 kernel-xen-base-3.16.7-13.2 kernel-xen-base-debuginfo-3.16.7-13.2 kernel-xen-debuginfo-3.16.7-13.2 kernel-xen-debugsource-3.16.7-13.2 kernel-xen-devel-3.16.7-13.2 - openSUSE 13.2 (i586 x86_64): bbswitch-0.8-3.6.6 bbswitch-debugsource-0.8-3.6.6 bbswitch-kmp-default-0.8_k3.16.7_13-3.6.6 bbswitch-kmp-default-debuginfo-0.8_k3.16.7_13-3.6.6 bbswitch-kmp-desktop-0.8_k3.16.7_13-3.6.6 bbswitch-kmp-desktop-debuginfo-0.8_k3.16.7_13-3.6.6 bbswitch-kmp-xen-0.8_k3.16.7_13-3.6.6 bbswitch-kmp-xen-debuginfo-0.8_k3.16.7_13-3.6.6 cloop-2.639-14.6.6 cloop-debuginfo-2.639-14.6.6 cloop-debugsource-2.639-14.6.6 cloop-kmp-default-2.639_k3.16.7_13-14.6.6 cloop-kmp-default-debuginfo-2.639_k3.16.7_13-14.6.6 cloop-kmp-desktop-2.639_k3.16.7_13-14.6.6 cloop-kmp-desktop-debuginfo-2.639_k3.16.7_13-14.6.6 cloop-kmp-xen-2.639_k3.16.7_13-14.6.6 cloop-kmp-xen-debuginfo-2.639_k3.16.7_13-14.6.6 crash-7.0.8-6.6 crash-debuginfo-7.0.8-6.6 crash-debugsource-7.0.8-6.6 crash-devel-7.0.8-6.6 crash-doc-7.0.8-6.6 crash-eppic-7.0.8-6.6 crash-eppic-debuginfo-7.0.8-6.6 crash-gcore-7.0.8-6.6 crash-gcore-debuginfo-7.0.8-6.6 crash-kmp-default-7.0.8_k3.16.7_13-6.6 crash-kmp-default-debuginfo-7.0.8_k3.16.7_13-6.6 crash-kmp-desktop-7.0.8_k3.16.7_13-6.6 crash-kmp-desktop-debuginfo-7.0.8_k3.16.7_13-6.6 crash-kmp-xen-7.0.8_k3.16.7_13-6.6 crash-kmp-xen-debuginfo-7.0.8_k3.16.7_13-6.6 hdjmod-debugsource-1.28-18.7.6 hdjmod-kmp-default-1.28_k3.16.7_13-18.7.6 hdjmod-kmp-default-debuginfo-1.28_k3.16.7_13-18.7.6 hdjmod-kmp-desktop-1.28_k3.16.7_13-18.7.6 hdjmod-kmp-desktop-debuginfo-1.28_k3.16.7_13-18.7.6 hdjmod-kmp-xen-1.28_k3.16.7_13-18.7.6 hdjmod-kmp-xen-debuginfo-1.28_k3.16.7_13-18.7.6 ipset-6.23-6.6 ipset-debuginfo-6.23-6.6 ipset-debugsource-6.23-6.6 ipset-devel-6.23-6.6 ipset-kmp-default-6.23_k3.16.7_13-6.6 ipset-kmp-default-debuginfo-6.23_k3.16.7_13-6.6 ipset-kmp-desktop-6.23_k3.16.7_13-6.6 ipset-kmp-desktop-debuginfo-6.23_k3.16.7_13-6.6 ipset-kmp-xen-6.23_k3.16.7_13-6.6 ipset-kmp-xen-debuginfo-6.23_k3.16.7_13-6.6 kernel-default-3.16.7-13.3 kernel-default-base-3.16.7-13.3 kernel-default-base-debuginfo-3.16.7-13.3 kernel-default-debuginfo-3.16.7-13.3 kernel-default-debugsource-3.16.7-13.3 kernel-default-devel-3.16.7-13.3 kernel-obs-build-3.16.7-13.7 kernel-obs-build-debugsource-3.16.7-13.7 kernel-obs-qa-3.16.7-13.1 kernel-obs-qa-xen-3.16.7-13.1 kernel-syms-3.16.7-13.1 libipset3-6.23-6.6 libipset3-debuginfo-6.23-6.6 pcfclock-0.44-260.6.2 pcfclock-debuginfo-0.44-260.6.2 pcfclock-debugsource-0.44-260.6.2 pcfclock-kmp-default-0.44_k3.16.7_13-260.6.2 pcfclock-kmp-default-debuginfo-0.44_k3.16.7_13-260.6.2 pcfclock-kmp-desktop-0.44_k3.16.7_13-260.6.2 pcfclock-kmp-desktop-debuginfo-0.44_k3.16.7_13-260.6.2 python-virtualbox-4.3.20-10.2 python-virtualbox-debuginfo-4.3.20-10.2 vhba-kmp-debugsource-20140629-2.6.2 vhba-kmp-default-20140629_k3.16.7_13-2.6.2 vhba-kmp-default-debuginfo-20140629_k3.16.7_13-2.6.2 vhba-kmp-desktop-20140629_k3.16.7_13-2.6.2 vhba-kmp-desktop-debuginfo-20140629_k3.16.7_13-2.6.2 vhba-kmp-xen-20140629_k3.16.7_13-2.6.2 vhba-kmp-xen-debuginfo-20140629_k3.16.7_13-2.6.2 virtualbox-4.3.20-10.2 virtualbox-debuginfo-4.3.20-10.2 virtualbox-debugsource-4.3.20-10.2 virtualbox-devel-4.3.20-10.2 virtualbox-guest-kmp-default-4.3.20_k3.16.7_13-10.2 virtualbox-guest-kmp-default-debuginfo-4.3.20_k3.16.7_13-10.2 virtualbox-guest-kmp-desktop-4.3.20_k3.16.7_13-10.2 virtualbox-guest-kmp-desktop-debuginfo-4.3.20_k3.16.7_13-10.2 virtualbox-guest-tools-4.3.20-10.2 virtualbox-guest-tools-debuginfo-4.3.20-10.2 virtualbox-guest-x11-4.3.20-10.2 virtualbox-guest-x11-debuginfo-4.3.20-10.2 virtualbox-host-kmp-default-4.3.20_k3.16.7_13-10.2 virtualbox-host-kmp-default-debuginfo-4.3.20_k3.16.7_13-10.2 virtualbox-host-kmp-desktop-4.3.20_k3.16.7_13-10.2 virtualbox-host-kmp-desktop-debuginfo-4.3.20_k3.16.7_13-10.2 virtualbox-qt-4.3.20-10.2 virtualbox-qt-debuginfo-4.3.20-10.2 virtualbox-websrv-4.3.20-10.2 virtualbox-websrv-debuginfo-4.3.20-10.2 xen-debugsource-4.4.1_08-12.2 xen-devel-4.4.1_08-12.2 xen-libs-4.4.1_08-12.2 xen-libs-debuginfo-4.4.1_08-12.2 xen-tools-domU-4.4.1_08-12.2 xen-tools-domU-debuginfo-4.4.1_08-12.2 xtables-addons-2.6-6.2 xtables-addons-debuginfo-2.6-6.2 xtables-addons-debugsource-2.6-6.2 xtables-addons-kmp-default-2.6_k3.16.7_13-6.2 xtables-addons-kmp-default-debuginfo-2.6_k3.16.7_13-6.2 xtables-addons-kmp-desktop-2.6_k3.16.7_13-6.2 xtables-addons-kmp-desktop-debuginfo-2.6_k3.16.7_13-6.2 xtables-addons-kmp-xen-2.6_k3.16.7_13-6.2 xtables-addons-kmp-xen-debuginfo-2.6_k3.16.7_13-6.2 - openSUSE 13.2 (noarch): kernel-devel-3.16.7-13.1 kernel-docs-3.16.7-13.2 kernel-macros-3.16.7-13.1 kernel-source-3.16.7-13.1 kernel-source-vanilla-3.16.7-13.1 virtualbox-guest-desktop-icons-4.3.20-10.2 - openSUSE 13.2 (x86_64): xen-4.4.1_08-12.2 xen-doc-html-4.4.1_08-12.2 xen-kmp-default-4.4.1_08_k3.16.7_13-12.2 xen-kmp-default-debuginfo-4.4.1_08_k3.16.7_13-12.2 xen-kmp-desktop-4.4.1_08_k3.16.7_13-12.2 xen-kmp-desktop-debuginfo-4.4.1_08_k3.16.7_13-12.2 xen-libs-32bit-4.4.1_08-12.2 xen-libs-debuginfo-32bit-4.4.1_08-12.2 xen-tools-4.4.1_08-12.2 xen-tools-debuginfo-4.4.1_08-12.2 - openSUSE 13.2 (i686): kernel-pae-3.16.7-13.2 kernel-pae-base-3.16.7-13.2 kernel-pae-base-debuginfo-3.16.7-13.2 kernel-pae-debuginfo-3.16.7-13.2 kernel-pae-debugsource-3.16.7-13.2 kernel-pae-devel-3.16.7-13.2 - openSUSE 13.2 (i586): bbswitch-kmp-pae-0.8_k3.16.7_13-3.6.6 bbswitch-kmp-pae-debuginfo-0.8_k3.16.7_13-3.6.6 cloop-kmp-pae-2.639_k3.16.7_13-14.6.6 cloop-kmp-pae-debuginfo-2.639_k3.16.7_13-14.6.6 crash-kmp-pae-7.0.8_k3.16.7_13-6.6 crash-kmp-pae-debuginfo-7.0.8_k3.16.7_13-6.6 hdjmod-kmp-pae-1.28_k3.16.7_13-18.7.6 hdjmod-kmp-pae-debuginfo-1.28_k3.16.7_13-18.7.6 ipset-kmp-pae-6.23_k3.16.7_13-6.6 ipset-kmp-pae-debuginfo-6.23_k3.16.7_13-6.6 pcfclock-kmp-pae-0.44_k3.16.7_13-260.6.2 pcfclock-kmp-pae-debuginfo-0.44_k3.16.7_13-260.6.2 vhba-kmp-pae-20140629_k3.16.7_13-2.6.2 vhba-kmp-pae-debuginfo-20140629_k3.16.7_13-2.6.2 virtualbox-guest-kmp-pae-4.3.20_k3.16.7_13-10.2 virtualbox-guest-kmp-pae-debuginfo-4.3.20_k3.16.7_13-10.2 virtualbox-host-kmp-pae-4.3.20_k3.16.7_13-10.2 virtualbox-host-kmp-pae-debuginfo-4.3.20_k3.16.7_13-10.2 xtables-addons-kmp-pae-2.6_k3.16.7_13-6.2 xtables-addons-kmp-pae-debuginfo-2.6_k3.16.7_13-6.2 References: https://www.suse.com/security/cve/CVE-2014-8134.html https://www.suse.com/security/cve/CVE-2014-8160.html https://www.suse.com/security/cve/CVE-2014-8559.html https://www.suse.com/security/cve/CVE-2014-9419.html https://www.suse.com/security/cve/CVE-2014-9420.html https://www.suse.com/security/cve/CVE-2014-9428.html https://www.suse.com/security/cve/CVE-2014-9529.html https://www.suse.com/security/cve/CVE-2014-9584.html https://www.suse.com/security/cve/CVE-2014-9585.html https://www.suse.com/security/cve/CVE-2015-0777.html https://www.suse.com/security/cve/CVE-2015-1421.html https://www.suse.com/security/cve/CVE-2015-1593.html https://www.suse.com/security/cve/CVE-2015-2150.html https://bugzilla.suse.com/867199 https://bugzilla.suse.com/893428 https://bugzilla.suse.com/895797 https://bugzilla.suse.com/900811 https://bugzilla.suse.com/901925 https://bugzilla.suse.com/903589 https://bugzilla.suse.com/903640 https://bugzilla.suse.com/904899 https://bugzilla.suse.com/905681 https://bugzilla.suse.com/907039 https://bugzilla.suse.com/907818 https://bugzilla.suse.com/907988 https://bugzilla.suse.com/908582 https://bugzilla.suse.com/908588 https://bugzilla.suse.com/908589 https://bugzilla.suse.com/908592 https://bugzilla.suse.com/908593 https://bugzilla.suse.com/908594 https://bugzilla.suse.com/908596 https://bugzilla.suse.com/908598 https://bugzilla.suse.com/908603 https://bugzilla.suse.com/908604 https://bugzilla.suse.com/908605 https://bugzilla.suse.com/908606 https://bugzilla.suse.com/908608 https://bugzilla.suse.com/908610 https://bugzilla.suse.com/908612 https://bugzilla.suse.com/909077 https://bugzilla.suse.com/909078 https://bugzilla.suse.com/909477 https://bugzilla.suse.com/909634 https://bugzilla.suse.com/910150 https://bugzilla.suse.com/910322 https://bugzilla.suse.com/910440 https://bugzilla.suse.com/911311 https://bugzilla.suse.com/911325 https://bugzilla.suse.com/911326 https://bugzilla.suse.com/911356 https://bugzilla.suse.com/911438 https://bugzilla.suse.com/911578 https://bugzilla.suse.com/911835 https://bugzilla.suse.com/912061 https://bugzilla.suse.com/912202 https://bugzilla.suse.com/912429 https://bugzilla.suse.com/912705 https://bugzilla.suse.com/913059 https://bugzilla.suse.com/913466 https://bugzilla.suse.com/913695 https://bugzilla.suse.com/914175 https://bugzilla.suse.com/915425 https://bugzilla.suse.com/915454 https://bugzilla.suse.com/915456 https://bugzilla.suse.com/915577 https://bugzilla.suse.com/915858 https://bugzilla.suse.com/916608 https://bugzilla.suse.com/917830 https://bugzilla.suse.com/917839 https://bugzilla.suse.com/918954 https://bugzilla.suse.com/918970 https://bugzilla.suse.com/919463 https://bugzilla.suse.com/920581 https://bugzilla.suse.com/920604 https://bugzilla.suse.com/921313 https://bugzilla.suse.com/922542 https://bugzilla.suse.com/922944 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2015:0704-2: important: Security update for MozillaFirefox
by opensuse-security＠opensuse.org 10 Apr '15

10 Apr '15

SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0704-2 Rating: important References: #925368 Cross-References: CVE-2015-0801 CVE-2015-0807 CVE-2015-0813 CVE-2015-0814 CVE-2015-0815 CVE-2015-0816 Affected Products: SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. Description: Mozilla Firefox was updated to 31.6.0 ESR to fix five security issues. The following vulnerabilities were fixed: * Miscellaneous memory safety hazards (MFSA 2015-30/CVE-2015-0814/CVE-2015-0815) * Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA 2015-31/CVE-2015-0813) * resource:// documents can load privileged pages (MFSA 2015-33/CVE-2015-0816) * CORS requests should not follow 30x redirections after preflight (MFSA 2015-37/CVE-2015-0807) * Same-origin bypass through anchor navigation (MFSA 2015-40/CVE-2015-0801) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-165=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 12 (x86_64): MozillaFirefox-31.6.0esr-30.1 MozillaFirefox-debuginfo-31.6.0esr-30.1 MozillaFirefox-debugsource-31.6.0esr-30.1 MozillaFirefox-translations-31.6.0esr-30.1 References: https://www.suse.com/security/cve/CVE-2015-0801.html https://www.suse.com/security/cve/CVE-2015-0807.html https://www.suse.com/security/cve/CVE-2015-0813.html https://www.suse.com/security/cve/CVE-2015-0814.html https://www.suse.com/security/cve/CVE-2015-0815.html https://www.suse.com/security/cve/CVE-2015-0816.html https://bugzilla.suse.com/925368 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2015:0704-1: important: Security update for MozillaFirefox
by opensuse-security＠opensuse.org 10 Apr '15

10 Apr '15

SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0704-1 Rating: important References: #925368 Cross-References: CVE-2015-0801 CVE-2015-0807 CVE-2015-0813 CVE-2015-0814 CVE-2015-0815 CVE-2015-0816 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. Description: Mozilla Firefox was updated to 31.6.0 ESR to fix five security issues. The following vulnerabilities were fixed: * Miscellaneous memory safety hazards (MFSA 2015-30/CVE-2015-0814/CVE-2015-0815) * Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA 2015-31/CVE-2015-0813) * resource:// documents can load privileged pages (MFSA 2015-33/CVE-2015-0816) * CORS requests should not follow 30x redirections after preflight (MFSA 2015-37/CVE-2015-0807) * Same-origin bypass through anchor navigation (MFSA 2015-40/CVE-2015-0801) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-165=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-165=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): MozillaFirefox-debuginfo-31.6.0esr-30.1 MozillaFirefox-debugsource-31.6.0esr-30.1 MozillaFirefox-devel-31.6.0esr-30.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): MozillaFirefox-31.6.0esr-30.1 MozillaFirefox-debuginfo-31.6.0esr-30.1 MozillaFirefox-debugsource-31.6.0esr-30.1 MozillaFirefox-translations-31.6.0esr-30.1 References: https://www.suse.com/security/cve/CVE-2015-0801.html https://www.suse.com/security/cve/CVE-2015-0807.html https://www.suse.com/security/cve/CVE-2015-0813.html https://www.suse.com/security/cve/CVE-2015-0814.html https://www.suse.com/security/cve/CVE-2015-0815.html https://www.suse.com/security/cve/CVE-2015-0816.html https://bugzilla.suse.com/925368 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2015:0702-1: important: Security update for libXfont
by opensuse-security＠opensuse.org 10 Apr '15

10 Apr '15

SUSE Security Update: Security update for libXfont ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0702-1 Rating: important References: #921978 Cross-References: CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: LibXFont was updated to fix security problems. Following security issues were fixed: - CVE-2015-1802: The bdf parser reads a count for the number of properties defined in a font from the font file, and allocates arrays with entries for each property based on that count. It never checked to see if that count was negative, or large enough to overflow when multiplied by the size of the structures being allocated, and could thus allocate the wrong buffer size, leading to out of bounds writes. - CVE-2015-1803: If the bdf parser failed to parse the data for the bitmap for any character, it would proceed with an invalid pointer to the bitmap data and later crash when trying to read the bitmap from that pointer. - CVE-2015-1804: The bdf parser read metrics values as 32-bit integers, but stored them into 16-bit integers. Overflows could occur in various operations leading to out-of-bounds memory access. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-161=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-161=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-161=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libXfont-debugsource-1.4.7-4.1 libXfont-devel-1.4.7-4.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libXfont-debugsource-1.4.7-4.1 libXfont1-1.4.7-4.1 libXfont1-debuginfo-1.4.7-4.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libXfont-debugsource-1.4.7-4.1 libXfont1-1.4.7-4.1 libXfont1-debuginfo-1.4.7-4.1 References: https://www.suse.com/security/cve/CVE-2015-1802.html https://www.suse.com/security/cve/CVE-2015-1803.html https://www.suse.com/security/cve/CVE-2015-1804.html https://bugzilla.suse.com/921978 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2015:0682-1: important: Security update for Chromium
by opensuse-security＠opensuse.org 08 Apr '15

08 Apr '15

openSUSE Security Update: Security update for Chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:0682-1 Rating: important References: #925713 #925714 Cross-References: CVE-2015-1233 CVE-2015-1234 Affected Products: openSUSE 13.2 openSUSE 13.1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: Chromium was updated to 41.0.2272.118 to fix two security issues. The following vulnerabilities were fixed: * A combination of V8, Gamepad and IPC bugs could lead to remote code execution outside of the sandbox (CVE-2015-1233, boo#925713) * Buffer overflow via race condition in GPU (CVE-2015-1234, boo#925714) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2015-298=1 - openSUSE 13.1: zypper in -t patch openSUSE-2015-298=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (i586 x86_64): chromedriver-41.0.2272.118-20.1 chromedriver-debuginfo-41.0.2272.118-20.1 chromium-41.0.2272.118-20.1 chromium-debuginfo-41.0.2272.118-20.1 chromium-debugsource-41.0.2272.118-20.1 chromium-desktop-gnome-41.0.2272.118-20.1 chromium-desktop-kde-41.0.2272.118-20.1 chromium-ffmpegsumo-41.0.2272.118-20.1 chromium-ffmpegsumo-debuginfo-41.0.2272.118-20.1 - openSUSE 13.1 (i586 x86_64): chromedriver-41.0.2272.118-75.1 chromedriver-debuginfo-41.0.2272.118-75.1 chromium-41.0.2272.118-75.1 chromium-debuginfo-41.0.2272.118-75.1 chromium-debugsource-41.0.2272.118-75.1 chromium-desktop-gnome-41.0.2272.118-75.1 chromium-desktop-kde-41.0.2272.118-75.1 chromium-ffmpegsumo-41.0.2272.118-75.1 chromium-ffmpegsumo-debuginfo-41.0.2272.118-75.1 References: https://www.suse.com/security/cve/CVE-2015-1233.html https://www.suse.com/security/cve/CVE-2015-1234.html https://bugzilla.suse.com/925713 https://bugzilla.suse.com/925714 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2015:0677-1: important: Security update for MozillaFirefox, MozillaThunderbird, mozilla-nspr
by opensuse-security＠opensuse.org 08 Apr '15

08 Apr '15

openSUSE Security Update: Security update for MozillaFirefox, MozillaThunderbird, mozilla-nspr ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:0677-1 Rating: important References: #925368 #925392 #925393 #925394 #925395 #925396 #925397 #925398 #925399 #925400 #925401 #925402 #926166 Cross-References: CVE-2015-0799 CVE-2015-0801 CVE-2015-0802 CVE-2015-0803 CVE-2015-0804 CVE-2015-0805 CVE-2015-0806 CVE-2015-0807 CVE-2015-0808 CVE-2015-0811 CVE-2015-0812 CVE-2015-0813 CVE-2015-0814 CVE-2015-0815 CVE-2015-0816 Affected Products: openSUSE 13.2 openSUSE 13.1 ______________________________________________________________________________ An update that fixes 15 vulnerabilities is now available. Description: Mozilla Firefox and Thunderbird were updated to fix several important vulnerabilities. Mozilla Firefox was updated to 37.0.1. Mozilla Thunderbird was updated to 31.6.0. mozilla-nspr was updated to 4.10.8 as a dependency. The following vulnerabilities were fixed in Mozilla Firefox: * Miscellaneous memory safety hazards (MFSA 2015-30/CVE-2015-0814/CVE-2015-0815 boo#925392) * Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA 2015-31/CVE-2015-0813 bmo#1106596 boo#925393) * Add-on lightweight theme installation approval bypassed through MITM attack (MFSA 2015-32/CVE-2015-0812 bmo#1128126 boo#925394) * resource:// documents can load privileged pages (MFSA 2015-33/CVE-2015-0816 bmo#1144991 boo#925395) * Out of bounds read in QCMS library (MFSA-2015-34/CVE-2015-0811 bmo#1132468 boo#925396) * Incorrect memory management for simple-type arrays in WebRTC (MFSA-2015-36/CVE-2015-0808 bmo#1109552 boo#925397) * CORS requests should not follow 30x redirections after preflight (MFSA-2015-37/CVE-2015-0807 bmo#1111834 boo#925398) * Memory corruption crashes in Off Main Thread Compositing (MFSA-2015-38/CVE-2015-0805/CVE-2015-0806 bmo#1135511 bmo#1099437 boo#925399) * Use-after-free due to type confusion flaws (MFSA-2015-39/CVE-2015-0803/CVE-2015-0804 (mo#1134560 boo#925400) * Same-origin bypass through anchor navigation (MFSA-2015-40/CVE-2015-0801 bmo#1146339 boo#925401) * Windows can retain access to privileged content on navigation to unprivileged pages (MFSA-2015-42/CVE-2015-0802 bmo#1124898 boo#925402) The following vulnerability was fixed in functionality that was not released as an update to openSUSE: * Certificate verification could be bypassed through the HTTP/2 Alt-Svc header (MFSA 2015-44/CVE-2015-0799 bmo#1148328 bnc#926166) The functionality added in 37.0 and thus removed in 37.0.1 was: * Opportunistically encrypt HTTP traffic where the server supports HTTP/2 AltSvc The following functionality was added or updated in Mozilla Firefox: * Heartbeat user rating system * Yandex set as default search provider for the Turkish locale * Bing search now uses HTTPS for secure searching * Improved protection against site impersonation via OneCRL centralized certificate revocation * some more behaviour changes for TLS The following vulnerabilities were fixed in Mozilla Thunderbird: * Miscellaneous memory safety hazards (MFSA 2015-30/CVE-2015-0814/CVE-2015-0815 boo#925392) * Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA 2015-31/CVE-2015-0813 bmo#1106596 boo#925393) * resource:// documents can load privileged pages (MFSA 2015-33/CVE-2015-0816 bmo#1144991 boo#925395) * CORS requests should not follow 30x redirections after preflight (MFSA-2015-37/CVE-2015-0807 bmo#1111834 boo#925398) * Same-origin bypass through anchor navigation (MFSA-2015-40/CVE-2015-0801 bmo#1146339 boo#925401) mozilla-nspr was updated to 4.10.8 as a dependency and received the following changes: * bmo#573192: remove the stack-based PRFileDesc cache. * bmo#756047: check for _POSIX_THREAD_PRIORITY_SCHEDULING > 0 instead of only checking if the identifier is defined. * bmo#1089908: Fix variable shadowing in _PR_MD_LOCKFILE. Use PR_ARRAY_SIZE to get the array size of _PR_RUNQ(t->cpu). * bmo#1106600: Replace PR_ASSERT(!"foo") with PR_NOT_REACHED("foo") to fix clang -Wstring-conversion warnings. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2015-290=1 - openSUSE 13.1: zypper in -t patch openSUSE-2015-290=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (i586 x86_64): MozillaFirefox-37.0.1-23.1 MozillaFirefox-branding-upstream-37.0.1-23.1 MozillaFirefox-buildsymbols-37.0.1-23.1 MozillaFirefox-debuginfo-37.0.1-23.1 MozillaFirefox-debugsource-37.0.1-23.1 MozillaFirefox-devel-37.0.1-23.1 MozillaFirefox-translations-common-37.0.1-23.1 MozillaFirefox-translations-other-37.0.1-23.1 MozillaThunderbird-31.6.0-15.3 MozillaThunderbird-buildsymbols-31.6.0-15.3 MozillaThunderbird-debuginfo-31.6.0-15.3 MozillaThunderbird-debugsource-31.6.0-15.3 MozillaThunderbird-devel-31.6.0-15.3 MozillaThunderbird-translations-common-31.6.0-15.3 MozillaThunderbird-translations-other-31.6.0-15.3 mozilla-nspr-4.10.8-6.1 mozilla-nspr-debuginfo-4.10.8-6.1 mozilla-nspr-debugsource-4.10.8-6.1 mozilla-nspr-devel-4.10.8-6.1 - openSUSE 13.2 (x86_64): mozilla-nspr-32bit-4.10.8-6.1 mozilla-nspr-debuginfo-32bit-4.10.8-6.1 - openSUSE 13.1 (i586 x86_64): MozillaFirefox-37.0.1-68.1 MozillaFirefox-branding-upstream-37.0.1-68.1 MozillaFirefox-buildsymbols-37.0.1-68.1 MozillaFirefox-debuginfo-37.0.1-68.1 MozillaFirefox-debugsource-37.0.1-68.1 MozillaFirefox-devel-37.0.1-68.1 MozillaFirefox-translations-common-37.0.1-68.1 MozillaFirefox-translations-other-37.0.1-68.1 MozillaThunderbird-31.6.0-70.50.2 MozillaThunderbird-buildsymbols-31.6.0-70.50.2 MozillaThunderbird-debuginfo-31.6.0-70.50.2 MozillaThunderbird-debugsource-31.6.0-70.50.2 MozillaThunderbird-devel-31.6.0-70.50.2 MozillaThunderbird-translations-common-31.6.0-70.50.2 MozillaThunderbird-translations-other-31.6.0-70.50.2 mozilla-nspr-4.10.8-22.1 mozilla-nspr-debuginfo-4.10.8-22.1 mozilla-nspr-debugsource-4.10.8-22.1 mozilla-nspr-devel-4.10.8-22.1 - openSUSE 13.1 (x86_64): mozilla-nspr-32bit-4.10.8-22.1 mozilla-nspr-debuginfo-32bit-4.10.8-22.1 References: https://www.suse.com/security/cve/CVE-2015-0799.html https://www.suse.com/security/cve/CVE-2015-0801.html https://www.suse.com/security/cve/CVE-2015-0802.html https://www.suse.com/security/cve/CVE-2015-0803.html https://www.suse.com/security/cve/CVE-2015-0804.html https://www.suse.com/security/cve/CVE-2015-0805.html https://www.suse.com/security/cve/CVE-2015-0806.html https://www.suse.com/security/cve/CVE-2015-0807.html https://www.suse.com/security/cve/CVE-2015-0808.html https://www.suse.com/security/cve/CVE-2015-0811.html https://www.suse.com/security/cve/CVE-2015-0812.html https://www.suse.com/security/cve/CVE-2015-0813.html https://www.suse.com/security/cve/CVE-2015-0814.html https://www.suse.com/security/cve/CVE-2015-0815.html https://www.suse.com/security/cve/CVE-2015-0816.html https://bugzilla.suse.com/925368 https://bugzilla.suse.com/925392 https://bugzilla.suse.com/925393 https://bugzilla.suse.com/925394 https://bugzilla.suse.com/925395 https://bugzilla.suse.com/925396 https://bugzilla.suse.com/925397 https://bugzilla.suse.com/925398 https://bugzilla.suse.com/925399 https://bugzilla.suse.com/925400 https://bugzilla.suse.com/925401 https://bugzilla.suse.com/925402 https://bugzilla.suse.com/926166 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2015:0674-1: important: Security update for xorg-x11-libs
by opensuse-security＠opensuse.org 07 Apr '15

07 Apr '15

SUSE Security Update: Security update for xorg-x11-libs ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0674-1 Rating: important References: #921978 Cross-References: CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: LibXFont was updated to fix security problems that could be used by local attackers to gain X server privileges (root). The following security issues have been fixed: * CVE-2015-1802: The bdf parser reads a count for the number of properties defined in a font from the font file, and allocates arrays with entries for each property based on that count. It never checked to see if that count was negative, or large enough to overflow when multiplied by the size of the structures being allocated, and could thus allocate the wrong buffer size, leading to out of bounds writes. * CVE-2015-1803: If the bdf parser failed to parse the data for the bitmap for any character, it would proceed with an invalid pointer to the bitmap data and later crash when trying to read the bitmap from that pointer. * CVE-2015-1804: The bdf parser read metrics values as 32-bit integers, but stored them into 16-bit integers. Overflows could occur in various operations leading to out-of-bounds memory access. Security Issues: * CVE-2015-1802 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802> * CVE-2015-1803 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803> * CVE-2015-1804 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804> Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xorg-x11-devel=10487 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-devel=10487 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-devel=10487 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-devel=10487 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-devel-7.4-8.26.44.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): xorg-x11-devel-32bit-7.4-8.26.44.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-libs-7.4-8.26.44.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): xorg-x11-libs-32bit-7.4-8.26.44.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libs-7.4-8.26.44.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): xorg-x11-libs-32bit-7.4-8.26.44.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): xorg-x11-libs-x86-7.4-8.26.44.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-libs-7.4-8.26.44.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xorg-x11-libs-32bit-7.4-8.26.44.1 References: https://www.suse.com/security/cve/CVE-2015-1802.html https://www.suse.com/security/cve/CVE-2015-1803.html https://www.suse.com/security/cve/CVE-2015-1804.html https://bugzilla.suse.com/921978 https://download.suse.com/patch/finder/?keywords=9bf31baa0e7f2f9f6297b4bbb4… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2015:0658-1: important: Security Update for Linux Kernel
by opensuse-security＠opensuse.org 02 Apr '15

02 Apr '15

SUSE Security Update: Security Update for Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0658-1 Rating: important References: #898675 #903997 #904242 #909309 #909477 #909684 #910517 #913080 #914818 #915200 #915660 #917830 #918584 #918615 #918620 #918644 #919463 #919719 #919939 #920615 #920805 #920839 #921313 #921527 #921990 #922272 #922275 #922278 #922284 #924460 Cross-References: CVE-2015-0777 CVE-2015-2150 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has 28 fixes is now available. Description: The SUSE Linux Enterprise Server 12 kernel was updated to 3.12.39 to receive various security and bugfixes. Following security bugs were fixed: - CVE-2015-0777: The XEN usb backend could leak information to the guest system due to copying uninitialized memory. - CVE-2015-2150: Xen and the Linux kernel did not properly restrict access to PCI command registers, which might have allowed local guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. The following non-security bugs were fixed: - Added Little Endian support to vtpm module (bsc#918620). - Add support for pnfs block layout. Patches not included by default yet - ALSA: hda - Fix regression of HD-audio controller fallback modes (bsc#921313). - btrfs: add missing blk_finish_plug in btrfs_sync_log() (bnc#922284). - btrfs: cleanup orphans while looking up default subvolume (bsc#914818). - btrfs: do not ignore errors from btrfs_lookup_xattr in do_setxattr (bnc#922272). - btrfs: fix BUG_ON in btrfs_orphan_add() when delete unused block group (bnc#922278). - btrfs: fix data loss in the fast fsync path (bnc#922275). - btrfs: fix fsync data loss after adding hard link to inode (bnc#922275). - cgroup: revert cgroup_mutex removal from idr_remove (bnc#918644). - cifs: fix use-after-free bug in find_writable_file (bnc#909477). - crypto: rng - RNGs must return 0 in success case (bsc#920805). - crypto: testmgr - fix RNG return code enforcement (bsc#920805). - exit: Always reap resource stats in __exit_signal() (Time scalability). - fork: report pid reservation failure properly (bnc#909684). - fsnotify: Fix handling of renames in audit (bnc#915200). - HID: hyperv: match wait_for_completion_timeout return type. - hv: address compiler warnings for hv_fcopy_daemon.c. - hv: address compiler warnings for hv_kvp_daemon.c. - hv: check vmbus_device_create() return value in vmbus_process_offer(). - hv: do not add redundant / in hv_start_fcopy(). - hv: hv_balloon: Do not post pressure status from interrupt context. - hv: hv_balloon: Fix a locking bug in the balloon driver. - hv: hv_balloon: Make adjustments in computing the floor. - hv: hv_fcopy: drop the obsolete message on transfer failure. - hv: kvp_daemon: make IPv6-only-injection work. - hv: remove unused bytes_written from kvp_update_file(). - hv: rename sc_lock to the more generic lock. - hv: vmbus: Fix a bug in vmbus_establish_gpadl(). - hv: vmbus: hv_process_timer_expiration() can be static. - hv: vmbus: Implement a clockevent device. - hv: vmbus: serialize Offer and Rescind offer. - hv: vmbus: Support a vmbus API for efficiently sending page arrays. - hv: vmbus: Use get_cpu() to get the current CPU. - hyperv: fix sparse warnings. - hyperv: Fix the error processing in netvsc_send(). - hyperv: match wait_for_completion_timeout return type. - hyperv: netvsc.c: match wait_for_completion_timeout return type. - iommu/vt-d: Fix dmar_domain leak in iommu_attach_device (bsc#924460). - kabi, mm: prevent endless growth of anon_vma hierarchy (bnc#904242). - kABI: protect linux/namei.h include in procfs. - kABI: protect struct hif_scatter_req. - kabi/severities: Stop maintaining the kgraft kabi - kernel/sched/clock.c: add another clock for use with the soft lockup watchdog (bsc#919939). - kgr: Allow patches to require an exact kernel version (bnc#920615). - KVM: PPC: Book3S HV: ptes are big endian (bsc#920839). - mm: convert the rest to new page table lock api (the suse-only cases) (fate#315482). - mm: fix anon_vma->degree underflow in anon_vma endless growing prevention (bnc#904242). - mm: fix corner case in anon_vma endless growing prevention (bnc#904242). - mm: prevent endless growth of anon_vma hierarchy (bnc#904242). - mm: prevent endless growth of anon_vma hierarchy mm: prevent endless growth of anon_vma hierarchy (bnc#904242). - mm: vmscan: count only dirty pages as congested (VM Performance, bnc#910517). - module: Clean up ro/nx after early module load failures (bsc#921990). - module: set nx before marking module MODULE_STATE_COMING (bsc#921990). - net: add sysfs helpers for netdev_adjacent logic (bnc#915660). - net: correct error path in rtnl_newlink() (bnc#915660). - net: fix creation adjacent device symlinks (bnc#915660). - net: prevent of emerging cross-namespace symlinks (bnc#915660). - net: rename sysfs symlinks on device name change (bnc#915660). - nfs: cap request size to fit a kmalloced page array (bnc#898675). - nfs: commit layouts in fdatasync (bnc#898675). - NFSv4.1: Do not trust attributes if a pNFS LAYOUTCOMMIT is outstanding (bnc#898675). - NFSv4.1: Ensure that the layout recall callback matches layout stateids (bnc#898675). - NFSv4.1: Ensure that we free existing layout segments if we get a new layout (bnc#898675). - NFSv4.1: Fix a race in nfs4_write_inode (bnc#898675). - NFSv4.1: Fix wraparound issues in pnfs_seqid_is_newer() (bnc#898675). - NFSv4.1: Minor optimisation in get_layout_by_fh_locked() (bnc#898675). - NFSv4: Do not update the open stateid unless it is newer than the old one (bnc#898675). - pnfs: add a common GETDEVICELIST implementation (bnc#898675). - pnfs: add a nfs4_get_deviceid helper (bnc#898675). - pnfs: add flag to force read-modify-write in ->write_begin (bnc#898675). - pnfs: add return_range method (bnc#898675). - pnfs: allow splicing pre-encoded pages into the layoutcommit args (bnc#898675). - pnfs: avoid using stale stateids after layoutreturn (bnc#898675). - pnfs/blocklayout: allocate separate pages for the layoutcommit payload (bnc#898675). - pnfs/blocklayout: correctly decrement extent length (bnc#898675). - pnfs/blocklayout: do not set pages uptodate (bnc#898675). - pnfs/blocklayout: Fix a 64-bit division/remainder issue in bl_map_stripe (bnc#898675). - pnfs/blocklayout: implement the return_range method (bnc#898675). - pnfs/blocklayout: improve GETDEVICEINFO error reporting (bnc#898675). - pnfs/blocklayout: include vmalloc.h for __vmalloc (bnc#898675). - pnfs/blocklayout: in-kernel GETDEVICEINFO XDR parsing (bnc#898675). - pnfs/blocklayout: move all rpc_pipefs related code into a single file (bnc#898675). - pnfs/blocklayout: move extent processing to blocklayout.c (bnc#898675). - pnfs/blocklayout: plug block queues (bnc#898675). - pnfs/blocklayout: refactor extent processing (bnc#898675). - pnfs/blocklayout: reject pnfs blocksize larger than page size (bnc#898675). - pNFS/blocklayout: Remove a couple of unused variables (bnc#898675). - pnfs/blocklayout: remove read-modify-write handling in bl_write_pagelist (bnc#898675). - pnfs/blocklayout: remove some debugging (bnc#898675). - pnfs/blocklayout: return layouts on setattr (bnc#898675). - pnfs/blocklayout: rewrite extent tracking (bnc#898675). - pnfs/blocklayout: use the device id cache (bnc#898675). - pnfs: do not check sequence on new stateids in layoutget (bnc#898675). - pnfs: do not pass uninitialized lsegs to ->free_lseg (bnc#898675). - pnfs: enable CB_NOTIFY_DEVICEID support (bnc#898675). - pnfs: factor GETDEVICEINFO implementations (bnc#898675). - pnfs: force a layout commit when encountering busy segments during recall (bnc#898675). - pnfs: remove GETDEVICELIST implementation (bnc#898675). - pnfs: retry after a bad stateid error from layoutget (bnc#898675). - powerpc: add running_clock for powerpc to prevent spurious softlockup warnings (bsc#919939). - powerpc/pseries: Fix endian problems with LE migration (bsc#918584). - remove cgroup_mutex around deactivate_super because it might be dangerous. - rtmutex: Document pi chain walk (mutex scalability). - rtmutex: No need to keep task ref for lock owner check (mutex scalability). - rtmutex: Simplify rtmutex_slowtrylock() (mutex scalability). - rtnetlink: fix a memory leak when ->newlink fails (bnc#915660). - sched: Change thread_group_cputime() to use for_each_thread() (Time scalability). - sched: replace INIT_COMPLETION with reinit_completion. - sched, time: Atomically increment stime & utime (Time scalability). - scsi: storvsc: Always send on the selected outgoing channel. - scsi: storvsc: Do not assume that the scatterlist is not chained. - scsi: storvsc: Enable clustering. - scsi: storvsc: Fix a bug in copy_from_bounce_buffer(). - scsi: storvsc: Increase the ring buffer size. - scsi: storvsc: Retrieve information about the capability of the target. - scsi: storvsc: Set the tablesize based on the information given by the host. - scsi: storvsc: Size the queue depth based on the ringbuffer size. - storvsc: fix a bug in storvsc limits. - storvsc: force discovery of LUNs that may have been removed. - storvsc: force SPC-3 compliance on win8 and win8 r2 hosts. - storvsc: in responce to a scan event, scan the host. - take read_seqbegin_or_lock() and friends to seqlock.h (Time scalability). - tcp: prevent fetching dst twice in early demux code (bnc#903997 bnc#919719). - time, signal: Protect resource use statistics with seqlock -kabi (Time scalability). - time, signal: Protect resource use statistics with seqlock (Time scalability). - udp: only allow UFO for packets from SOCK_DGRAM sockets (bnc#909309). - Update Xen patches to 3.12.39. - virtio: rng: add derating factor for use by hwrng core (bsc#918615). - x86, AVX-512: AVX-512 Feature Detection (bsc#921527). - x86, AVX-512: Enable AVX-512 States Context Switch (bsc#921527). - xenbus: add proper handling of XS_ERROR from Xenbus for transactions. - xfs: xfs_alloc_fix_minleft can underflow near ENOSPC (bnc#913080). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-152=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-152=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-152=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-152=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2015-152=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-152=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): kernel-default-debuginfo-3.12.39-47.1 kernel-default-debugsource-3.12.39-47.1 kernel-default-extra-3.12.39-47.1 kernel-default-extra-debuginfo-3.12.39-47.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): kernel-obs-build-3.12.39-47.2 kernel-obs-build-debugsource-3.12.39-47.2 - SUSE Linux Enterprise Software Development Kit 12 (noarch): kernel-docs-3.12.39-47.3 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): kernel-default-3.12.39-47.1 kernel-default-base-3.12.39-47.1 kernel-default-base-debuginfo-3.12.39-47.1 kernel-default-debuginfo-3.12.39-47.1 kernel-default-debugsource-3.12.39-47.1 kernel-default-devel-3.12.39-47.1 kernel-syms-3.12.39-47.1 - SUSE Linux Enterprise Server 12 (x86_64): kernel-xen-3.12.39-47.1 kernel-xen-base-3.12.39-47.1 kernel-xen-base-debuginfo-3.12.39-47.1 kernel-xen-debuginfo-3.12.39-47.1 kernel-xen-debugsource-3.12.39-47.1 kernel-xen-devel-3.12.39-47.1 - SUSE Linux Enterprise Server 12 (noarch): kernel-devel-3.12.39-47.1 kernel-macros-3.12.39-47.1 kernel-source-3.12.39-47.1 - SUSE Linux Enterprise Server 12 (s390x): kernel-default-man-3.12.39-47.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.39-47.1 kernel-ec2-debuginfo-3.12.39-47.1 kernel-ec2-debugsource-3.12.39-47.1 kernel-ec2-devel-3.12.39-47.1 kernel-ec2-extra-3.12.39-47.1 kernel-ec2-extra-debuginfo-3.12.39-47.1 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_39-47-default-1-2.1 kgraft-patch-3_12_39-47-xen-1-2.1 - SUSE Linux Enterprise Desktop 12 (x86_64): kernel-default-3.12.39-47.1 kernel-default-debuginfo-3.12.39-47.1 kernel-default-debugsource-3.12.39-47.1 kernel-default-devel-3.12.39-47.1 kernel-default-extra-3.12.39-47.1 kernel-default-extra-debuginfo-3.12.39-47.1 kernel-syms-3.12.39-47.1 kernel-xen-3.12.39-47.1 kernel-xen-debuginfo-3.12.39-47.1 kernel-xen-debugsource-3.12.39-47.1 kernel-xen-devel-3.12.39-47.1 - SUSE Linux Enterprise Desktop 12 (noarch): kernel-devel-3.12.39-47.1 kernel-macros-3.12.39-47.1 kernel-source-3.12.39-47.1 References: https://www.suse.com/security/cve/CVE-2015-0777.html https://www.suse.com/security/cve/CVE-2015-2150.html https://bugzilla.suse.com/898675 https://bugzilla.suse.com/903997 https://bugzilla.suse.com/904242 https://bugzilla.suse.com/909309 https://bugzilla.suse.com/909477 https://bugzilla.suse.com/909684 https://bugzilla.suse.com/910517 https://bugzilla.suse.com/913080 https://bugzilla.suse.com/914818 https://bugzilla.suse.com/915200 https://bugzilla.suse.com/915660 https://bugzilla.suse.com/917830 https://bugzilla.suse.com/918584 https://bugzilla.suse.com/918615 https://bugzilla.suse.com/918620 https://bugzilla.suse.com/918644 https://bugzilla.suse.com/919463 https://bugzilla.suse.com/919719 https://bugzilla.suse.com/919939 https://bugzilla.suse.com/920615 https://bugzilla.suse.com/920805 https://bugzilla.suse.com/920839 https://bugzilla.suse.com/921313 https://bugzilla.suse.com/921527 https://bugzilla.suse.com/921990 https://bugzilla.suse.com/922272 https://bugzilla.suse.com/922275 https://bugzilla.suse.com/922278 https://bugzilla.suse.com/922284 https://bugzilla.suse.com/924460 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0