openSUSE Security Announce
April 2015
- 1 participants
- 21 discussions
[security-announce] openSUSE-SU-2015:0718-1: important: Security update for Adobe Flash Player
by opensuse-security@opensuse.org 15 Apr '15
openSUSE Security Update: Security update for Adobe Flash Player
______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:0718-1
Rating: important
References: #927089
Cross-References: CVE-2015-0346 CVE-2015-0347 CVE-2015-0348
CVE-2015-0349 CVE-2015-0350 CVE-2015-0351
CVE-2015-0352 CVE-2015-0353 CVE-2015-0354
CVE-2015-0355 CVE-2015-0356 CVE-2015-0357
CVE-2015-0358 CVE-2015-0359 CVE-2015-0360
CVE-2015-3038 CVE-2015-3039 CVE-2015-3040
CVE-2015-3041 CVE-2015-3042 CVE-2015-3043
CVE-2015-3044
Affected Products:
openSUSE 13.2:NonFree
openSUSE 13.1:NonFree
______________________________________________________________________________
An update that fixes 22 vulnerabilities is now available.
Description:
Adobe Flash Player was updated to 11.2.202.457 to fix several security
issues that could lead to remote code execution.
An exploit for CVE-2015-3043 was reported to exist in the wild.
The following vulnerabilities were fixed:
* Memory corruption vulnerabilities that could lead to code execution
(CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353,
CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038,
CVE-2015-3041, CVE-2015-3042, CVE-2015-3043).
* Type confusion vulnerability that could lead to code execution
(CVE-2015-0356).
* Buffer overflow vulnerability that could lead to code execution
(CVE-2015-0348).
* Use-after-free vulnerabilities that could lead to code execution
(CVE-2015-0349, CVE-2015-0351, CVE-2015-0358, CVE-2015-3039).
* Double-free vulnerabilities that could lead to code execution
(CVE-2015-0346, CVE-2015-0359).
* Memory leak vulnerabilities that could be used to bypass ASLR
(CVE-2015-0357, CVE-2015-3040).
* Security bypass vulnerability that could lead to information disclosure
(CVE-2015-3044).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:NonFree:
zypper in -t patch openSUSE-2015-304=1
- openSUSE 13.1:NonFree:
zypper in -t patch openSUSE-2015-304=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.2:NonFree (i586 x86_64):
flash-player-11.2.202.457-2.48.1
flash-player-gnome-11.2.202.457-2.48.1
flash-player-kde4-11.2.202.457-2.48.1
- openSUSE 13.1:NonFree (i586 x86_64):
flash-player-11.2.202.457-113.1
flash-player-gnome-11.2.202.457-113.1
flash-player-kde4-11.2.202.457-113.1
References:
https://www.suse.com/security/cve/CVE-2015-0346.html
https://www.suse.com/security/cve/CVE-2015-0347.html
https://www.suse.com/security/cve/CVE-2015-0348.html
https://www.suse.com/security/cve/CVE-2015-0349.html
https://www.suse.com/security/cve/CVE-2015-0350.html
https://www.suse.com/security/cve/CVE-2015-0351.html
https://www.suse.com/security/cve/CVE-2015-0352.html
https://www.suse.com/security/cve/CVE-2015-0353.html
https://www.suse.com/security/cve/CVE-2015-0354.html
https://www.suse.com/security/cve/CVE-2015-0355.html
https://www.suse.com/security/cve/CVE-2015-0356.html
https://www.suse.com/security/cve/CVE-2015-0357.html
https://www.suse.com/security/cve/CVE-2015-0358.html
https://www.suse.com/security/cve/CVE-2015-0359.html
https://www.suse.com/security/cve/CVE-2015-0360.html
https://www.suse.com/security/cve/CVE-2015-3038.html
https://www.suse.com/security/cve/CVE-2015-3039.html
https://www.suse.com/security/cve/CVE-2015-3040.html
https://www.suse.com/security/cve/CVE-2015-3041.html
https://www.suse.com/security/cve/CVE-2015-3042.html
https://www.suse.com/security/cve/CVE-2015-3043.html
https://www.suse.com/security/cve/CVE-2015-3044.html
https://bugzilla.suse.com/927089
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
[security-announce] openSUSE-SU-2015:0714-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 13 Apr '15
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:0714-1
Rating: important
References: #903640 #904899 #907988 #909078 #910150 #911325
#911326 #912202 #912654 #912705 #913059 #913695
#914175 #915322 #917839 #920901
Cross-References: CVE-2014-7822 CVE-2014-8134 CVE-2014-8160
CVE-2014-8173 CVE-2014-8559 CVE-2014-9419
CVE-2014-9420 CVE-2014-9529 CVE-2014-9584
CVE-2014-9585 CVE-2015-1593
Affected Products:
openSUSE 13.1
______________________________________________________________________________
An update that solves 11 vulnerabilities and has 5 fixes is
now available.
Description:
The Linux kernel was updated to fix various bugs and security issues.
Following security issues were fixed:
- CVE-2014-8173: A NULL pointer dereference flaw was found in the way the
Linux kernel's madvise MADV_WILLNEED functionality handled page table
locking. A local, unprivileged user could have used this flaw to crash
the system.
- CVE-2015-1593: An integer overflow reduced the effectiveness of the stack
randomization on 64-bit systems.
- CVE-2014-7822: A flaw was found in the way the Linux kernel's splice()
system call validated its parameters. On certain file systems, a local,
unprivileged user could have used this flaw to write past the maximum
file size, and thus crash the system.
- CVE-2014-9419: The __switch_to function in arch/x86/kernel/process_64.c
in the Linux kernel did not ensure that Thread Local Storage (TLS)
descriptors are loaded before proceeding with other steps, which made it
easier for local users to bypass the ASLR protection mechanism via a
crafted application that reads a TLS base address.
- CVE-2014-8134: The paravirt_ops_setup function in arch/x86/kernel/kvm.c
in the Linux kernel used an improper paravirt_enabled setting for KVM
guest kernels, which made it easier for guest OS users to bypass the
ASLR protection mechanism via a crafted application that reads a 16-bit
value.
- CVE-2014-8160: net/netfilter/nf_conntrack_proto_generic.c in the Linux
kernel generated incorrect conntrack entries during handling of certain
iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols,
which allowed remote attackers to bypass intended access restrictions
via packets with disallowed port numbers.
- CVE-2014-9529: Race condition in the key_gc_unused_keys function in
security/keys/gc.c in the Linux kernel allowed local users to cause a
denial of service (memory corruption or panic) or possibly have
unspecified other impact via keyctl commands that trigger access to a
key structure member during garbage collection of a key.
- CVE-2014-8559: The d_walk function in fs/dcache.c in the Linux kernel
through did not properly maintain the semantics of rename_lock, which
allowed local users to cause a denial of service (deadlock and system
hang) via a crafted application.
- CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the
Linux kernel did not restrict the number of Rock Ridge continuation
entries, which allowed local users to cause a denial of service
(infinite loop, and system crash or hang) via a crafted iso9660 image.
- CVE-2014-9584: The parse_rock_ridge_inode_internal function in
fs/isofs/rock.c in the Linux kernel did not validate a length value in
the Extensions Reference (ER) System Use Field, which allowed local
users to obtain sensitive information from kernel memory via a crafted
iso9660 image.
- CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the
Linux kernel did not properly choose memory locations for the vDSO area,
which made it easier for local users to bypass the ASLR protection
mechanism by guessing a location at the end of a PMD.
Following bugs were fixed:
- HID: usbhid: enable always-poll quirk for Elan Touchscreen 0103
(bnc#920901).
- HID: usbhid: enable always-poll quirk for Elan Touchscreen 016f
(bnc#920901).
- HID: usbhid: enable always-poll quirk for Elan Touchscreen 009b
(bnc#920901).
- HID: usbhid: add another mouse that needs QUIRK_ALWAYS_POLL (bnc#920901).
- HID: usbhid: fix PIXART optical mouse (bnc#920901).
- HID: usbhid: enable always-poll quirk for Elan Touchscreen (bnc#920901).
- HID: usbhid: add always-poll quirk (bnc#920901).
- storvsc: ring buffer failures may result in I/O freeze (bnc#914175).
- mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled process
being killed (VM Functionality bnc#910150).
- Input: evdev - fix EVIOCG{type} ioctl (bnc#904899).
- mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by
mount (bsc#907988).
- DocBook: Do not exceed argument list limit.
- DocBook: Make mandocs parallel-safe.
- mm: free compound page with correct order (bnc#913695).
- udf: Check component length before reading it.
- udf: Check path length when reading symlink.
- udf: Verify symlink size before loading it.
- udf: Verify i_size when loading inode.
- xfs: remote attribute overwrite causes transaction overrun.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch openSUSE-2015-301=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.1 (i686 x86_64):
kernel-debug-3.11.10-29.1
kernel-debug-base-3.11.10-29.1
kernel-debug-base-debuginfo-3.11.10-29.1
kernel-debug-debuginfo-3.11.10-29.1
kernel-debug-debugsource-3.11.10-29.1
kernel-debug-devel-3.11.10-29.1
kernel-debug-devel-debuginfo-3.11.10-29.1
kernel-desktop-3.11.10-29.1
kernel-desktop-base-3.11.10-29.1
kernel-desktop-base-debuginfo-3.11.10-29.1
kernel-desktop-debuginfo-3.11.10-29.1
kernel-desktop-debugsource-3.11.10-29.1
kernel-desktop-devel-3.11.10-29.1
kernel-desktop-devel-debuginfo-3.11.10-29.1
kernel-ec2-3.11.10-29.1
kernel-ec2-base-3.11.10-29.1
kernel-ec2-base-debuginfo-3.11.10-29.1
kernel-ec2-debuginfo-3.11.10-29.1
kernel-ec2-debugsource-3.11.10-29.1
kernel-ec2-devel-3.11.10-29.1
kernel-ec2-devel-debuginfo-3.11.10-29.1
kernel-trace-3.11.10-29.1
kernel-trace-base-3.11.10-29.1
kernel-trace-base-debuginfo-3.11.10-29.1
kernel-trace-debuginfo-3.11.10-29.1
kernel-trace-debugsource-3.11.10-29.1
kernel-trace-devel-3.11.10-29.1
kernel-trace-devel-debuginfo-3.11.10-29.1
kernel-vanilla-3.11.10-29.1
kernel-vanilla-debuginfo-3.11.10-29.1
kernel-vanilla-debugsource-3.11.10-29.1
kernel-vanilla-devel-3.11.10-29.1
kernel-vanilla-devel-debuginfo-3.11.10-29.1
kernel-xen-3.11.10-29.1
kernel-xen-base-3.11.10-29.1
kernel-xen-base-debuginfo-3.11.10-29.1
kernel-xen-debuginfo-3.11.10-29.1
kernel-xen-debugsource-3.11.10-29.1
kernel-xen-devel-3.11.10-29.1
kernel-xen-devel-debuginfo-3.11.10-29.1
- openSUSE 13.1 (i586 x86_64):
cloop-2.639-11.19.1
cloop-debuginfo-2.639-11.19.1
cloop-debugsource-2.639-11.19.1
cloop-kmp-default-2.639_k3.11.10_29-11.19.1
cloop-kmp-default-debuginfo-2.639_k3.11.10_29-11.19.1
cloop-kmp-desktop-2.639_k3.11.10_29-11.19.1
cloop-kmp-desktop-debuginfo-2.639_k3.11.10_29-11.19.1
cloop-kmp-xen-2.639_k3.11.10_29-11.19.1
cloop-kmp-xen-debuginfo-2.639_k3.11.10_29-11.19.1
crash-7.0.2-2.19.1
crash-debuginfo-7.0.2-2.19.1
crash-debugsource-7.0.2-2.19.1
crash-devel-7.0.2-2.19.1
crash-doc-7.0.2-2.19.1
crash-eppic-7.0.2-2.19.1
crash-eppic-debuginfo-7.0.2-2.19.1
crash-gcore-7.0.2-2.19.1
crash-gcore-debuginfo-7.0.2-2.19.1
crash-kmp-default-7.0.2_k3.11.10_29-2.19.1
crash-kmp-default-debuginfo-7.0.2_k3.11.10_29-2.19.1
crash-kmp-desktop-7.0.2_k3.11.10_29-2.19.1
crash-kmp-desktop-debuginfo-7.0.2_k3.11.10_29-2.19.1
crash-kmp-xen-7.0.2_k3.11.10_29-2.19.1
crash-kmp-xen-debuginfo-7.0.2_k3.11.10_29-2.19.1
hdjmod-debugsource-1.28-16.19.1
hdjmod-kmp-default-1.28_k3.11.10_29-16.19.1
hdjmod-kmp-default-debuginfo-1.28_k3.11.10_29-16.19.1
hdjmod-kmp-desktop-1.28_k3.11.10_29-16.19.1
hdjmod-kmp-desktop-debuginfo-1.28_k3.11.10_29-16.19.1
hdjmod-kmp-xen-1.28_k3.11.10_29-16.19.1
hdjmod-kmp-xen-debuginfo-1.28_k3.11.10_29-16.19.1
ipset-6.21.1-2.23.1
ipset-debuginfo-6.21.1-2.23.1
ipset-debugsource-6.21.1-2.23.1
ipset-devel-6.21.1-2.23.1
ipset-kmp-default-6.21.1_k3.11.10_29-2.23.1
ipset-kmp-default-debuginfo-6.21.1_k3.11.10_29-2.23.1
ipset-kmp-desktop-6.21.1_k3.11.10_29-2.23.1
ipset-kmp-desktop-debuginfo-6.21.1_k3.11.10_29-2.23.1
ipset-kmp-xen-6.21.1_k3.11.10_29-2.23.1
ipset-kmp-xen-debuginfo-6.21.1_k3.11.10_29-2.23.1
iscsitarget-1.4.20.3-13.19.1
iscsitarget-debuginfo-1.4.20.3-13.19.1
iscsitarget-debugsource-1.4.20.3-13.19.1
iscsitarget-kmp-default-1.4.20.3_k3.11.10_29-13.19.1
iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.11.10_29-13.19.1
iscsitarget-kmp-desktop-1.4.20.3_k3.11.10_29-13.19.1
iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.11.10_29-13.19.1
iscsitarget-kmp-xen-1.4.20.3_k3.11.10_29-13.19.1
iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.11.10_29-13.19.1
kernel-default-3.11.10-29.1
kernel-default-base-3.11.10-29.1
kernel-default-base-debuginfo-3.11.10-29.1
kernel-default-debuginfo-3.11.10-29.1
kernel-default-debugsource-3.11.10-29.1
kernel-default-devel-3.11.10-29.1
kernel-default-devel-debuginfo-3.11.10-29.1
kernel-syms-3.11.10-29.1
libipset3-6.21.1-2.23.1
libipset3-debuginfo-6.21.1-2.23.1
ndiswrapper-1.58-19.1
ndiswrapper-debuginfo-1.58-19.1
ndiswrapper-debugsource-1.58-19.1
ndiswrapper-kmp-default-1.58_k3.11.10_29-19.1
ndiswrapper-kmp-default-debuginfo-1.58_k3.11.10_29-19.1
ndiswrapper-kmp-desktop-1.58_k3.11.10_29-19.1
ndiswrapper-kmp-desktop-debuginfo-1.58_k3.11.10_29-19.1
pcfclock-0.44-258.19.1
pcfclock-debuginfo-0.44-258.19.1
pcfclock-debugsource-0.44-258.19.1
pcfclock-kmp-default-0.44_k3.11.10_29-258.19.1
pcfclock-kmp-default-debuginfo-0.44_k3.11.10_29-258.19.1
pcfclock-kmp-desktop-0.44_k3.11.10_29-258.19.1
pcfclock-kmp-desktop-debuginfo-0.44_k3.11.10_29-258.19.1
python-virtualbox-4.2.28-2.28.1
python-virtualbox-debuginfo-4.2.28-2.28.1
vhba-kmp-debugsource-20130607-2.20.1
vhba-kmp-default-20130607_k3.11.10_29-2.20.1
vhba-kmp-default-debuginfo-20130607_k3.11.10_29-2.20.1
vhba-kmp-desktop-20130607_k3.11.10_29-2.20.1
vhba-kmp-desktop-debuginfo-20130607_k3.11.10_29-2.20.1
vhba-kmp-xen-20130607_k3.11.10_29-2.20.1
vhba-kmp-xen-debuginfo-20130607_k3.11.10_29-2.20.1
virtualbox-4.2.28-2.28.1
virtualbox-debuginfo-4.2.28-2.28.1
virtualbox-debugsource-4.2.28-2.28.1
virtualbox-devel-4.2.28-2.28.1
virtualbox-guest-kmp-default-4.2.28_k3.11.10_29-2.28.1
virtualbox-guest-kmp-default-debuginfo-4.2.28_k3.11.10_29-2.28.1
virtualbox-guest-kmp-desktop-4.2.28_k3.11.10_29-2.28.1
virtualbox-guest-kmp-desktop-debuginfo-4.2.28_k3.11.10_29-2.28.1
virtualbox-guest-tools-4.2.28-2.28.1
virtualbox-guest-tools-debuginfo-4.2.28-2.28.1
virtualbox-guest-x11-4.2.28-2.28.1
virtualbox-guest-x11-debuginfo-4.2.28-2.28.1
virtualbox-host-kmp-default-4.2.28_k3.11.10_29-2.28.1
virtualbox-host-kmp-default-debuginfo-4.2.28_k3.11.10_29-2.28.1
virtualbox-host-kmp-desktop-4.2.28_k3.11.10_29-2.28.1
virtualbox-host-kmp-desktop-debuginfo-4.2.28_k3.11.10_29-2.28.1
virtualbox-qt-4.2.28-2.28.1
virtualbox-qt-debuginfo-4.2.28-2.28.1
virtualbox-websrv-4.2.28-2.28.1
virtualbox-websrv-debuginfo-4.2.28-2.28.1
xen-debugsource-4.3.3_04-37.1
xen-devel-4.3.3_04-37.1
xen-kmp-default-4.3.3_04_k3.11.10_29-37.1
xen-kmp-default-debuginfo-4.3.3_04_k3.11.10_29-37.1
xen-kmp-desktop-4.3.3_04_k3.11.10_29-37.1
xen-kmp-desktop-debuginfo-4.3.3_04_k3.11.10_29-37.1
xen-libs-4.3.3_04-37.1
xen-libs-debuginfo-4.3.3_04-37.1
xen-tools-domU-4.3.3_04-37.1
xen-tools-domU-debuginfo-4.3.3_04-37.1
xtables-addons-2.3-2.19.1
xtables-addons-debuginfo-2.3-2.19.1
xtables-addons-debugsource-2.3-2.19.1
xtables-addons-kmp-default-2.3_k3.11.10_29-2.19.1
xtables-addons-kmp-default-debuginfo-2.3_k3.11.10_29-2.19.1
xtables-addons-kmp-desktop-2.3_k3.11.10_29-2.19.1
xtables-addons-kmp-desktop-debuginfo-2.3_k3.11.10_29-2.19.1
xtables-addons-kmp-xen-2.3_k3.11.10_29-2.19.1
xtables-addons-kmp-xen-debuginfo-2.3_k3.11.10_29-2.19.1
- openSUSE 13.1 (noarch):
kernel-devel-3.11.10-29.1
kernel-docs-3.11.10-29.2
kernel-source-3.11.10-29.1
kernel-source-vanilla-3.11.10-29.1
- openSUSE 13.1 (x86_64):
xen-4.3.3_04-37.1
xen-doc-html-4.3.3_04-37.1
xen-libs-32bit-4.3.3_04-37.1
xen-libs-debuginfo-32bit-4.3.3_04-37.1
xen-tools-4.3.3_04-37.1
xen-tools-debuginfo-4.3.3_04-37.1
xen-xend-tools-4.3.3_04-37.1
xen-xend-tools-debuginfo-4.3.3_04-37.1
- openSUSE 13.1 (i686):
kernel-pae-3.11.10-29.1
kernel-pae-base-3.11.10-29.1
kernel-pae-base-debuginfo-3.11.10-29.1
kernel-pae-debuginfo-3.11.10-29.1
kernel-pae-debugsource-3.11.10-29.1
kernel-pae-devel-3.11.10-29.1
kernel-pae-devel-debuginfo-3.11.10-29.1
- openSUSE 13.1 (i586):
cloop-kmp-pae-2.639_k3.11.10_29-11.19.1
cloop-kmp-pae-debuginfo-2.639_k3.11.10_29-11.19.1
crash-kmp-pae-7.0.2_k3.11.10_29-2.19.1
crash-kmp-pae-debuginfo-7.0.2_k3.11.10_29-2.19.1
hdjmod-kmp-pae-1.28_k3.11.10_29-16.19.1
hdjmod-kmp-pae-debuginfo-1.28_k3.11.10_29-16.19.1
ipset-kmp-pae-6.21.1_k3.11.10_29-2.23.1
ipset-kmp-pae-debuginfo-6.21.1_k3.11.10_29-2.23.1
iscsitarget-kmp-pae-1.4.20.3_k3.11.10_29-13.19.1
iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.11.10_29-13.19.1
ndiswrapper-kmp-pae-1.58_k3.11.10_29-19.1
ndiswrapper-kmp-pae-debuginfo-1.58_k3.11.10_29-19.1
pcfclock-kmp-pae-0.44_k3.11.10_29-258.19.1
pcfclock-kmp-pae-debuginfo-0.44_k3.11.10_29-258.19.1
vhba-kmp-pae-20130607_k3.11.10_29-2.20.1
vhba-kmp-pae-debuginfo-20130607_k3.11.10_29-2.20.1
virtualbox-guest-kmp-pae-4.2.28_k3.11.10_29-2.28.1
virtualbox-guest-kmp-pae-debuginfo-4.2.28_k3.11.10_29-2.28.1
virtualbox-host-kmp-pae-4.2.28_k3.11.10_29-2.28.1
virtualbox-host-kmp-pae-debuginfo-4.2.28_k3.11.10_29-2.28.1
xen-kmp-pae-4.3.3_04_k3.11.10_29-37.1
xen-kmp-pae-debuginfo-4.3.3_04_k3.11.10_29-37.1
xtables-addons-kmp-pae-2.3_k3.11.10_29-2.19.1
xtables-addons-kmp-pae-debuginfo-2.3_k3.11.10_29-2.19.1
References:
https://www.suse.com/security/cve/CVE-2014-7822.html
https://www.suse.com/security/cve/CVE-2014-8134.html
https://www.suse.com/security/cve/CVE-2014-8160.html
https://www.suse.com/security/cve/CVE-2014-8173.html
https://www.suse.com/security/cve/CVE-2014-8559.html
https://www.suse.com/security/cve/CVE-2014-9419.html
https://www.suse.com/security/cve/CVE-2014-9420.html
https://www.suse.com/security/cve/CVE-2014-9529.html
https://www.suse.com/security/cve/CVE-2014-9584.html
https://www.suse.com/security/cve/CVE-2014-9585.html
https://www.suse.com/security/cve/CVE-2015-1593.html
https://bugzilla.suse.com/903640
https://bugzilla.suse.com/904899
https://bugzilla.suse.com/907988
https://bugzilla.suse.com/909078
https://bugzilla.suse.com/910150
https://bugzilla.suse.com/911325
https://bugzilla.suse.com/911326
https://bugzilla.suse.com/912202
https://bugzilla.suse.com/912654
https://bugzilla.suse.com/912705
https://bugzilla.suse.com/913059
https://bugzilla.suse.com/913695
https://bugzilla.suse.com/914175
https://bugzilla.suse.com/915322
https://bugzilla.suse.com/917839
https://bugzilla.suse.com/920901
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
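The CVE-2014-9420 entry in the advisory above describes a parser that follows continuation entries from an untrusted image without limiting how many it follows. The C model below is an added example, not the kernel's fs/isofs/rock.c and not code from the advisory; the 16-byte record layout, all names, and the limit of 32 are assumptions made for the illustration. It also bounds-checks each record, which goes slightly beyond the loop limit itself.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model (assumption, not the real Rock Ridge layout): every
 * 16-byte block of the image starts with a continuation record
 *   bytes 0-1  signature "CE"
 *   bytes 2-5  next block number, little-endian (0xFFFFFFFF = end of chain)
 * The parser follows the chain starting at block 0. */
#define BLOCK_SIZE  16u
#define CE_END      0xFFFFFFFFu
#define MAX_CE_HOPS 32u /* assumed limit chosen for this example */

enum walk_status { WALK_OK = 0, WALK_BAD_RECORD = -1, WALK_TOO_MANY = -2 };

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Follow continuation records; *hops receives the number of records
 * actually followed. Every value read from the image is untrusted. */
static int walk_chain(const uint8_t *img, size_t img_len,
                      uint32_t max_hops, uint32_t *hops)
{
    uint32_t block = 0;

    *hops = 0;
    while (block != CE_END) {
        /* The 6-byte record must lie completely inside the image. */
        if ((uint64_t)block * BLOCK_SIZE + 6 > img_len)
            return WALK_BAD_RECORD;
        const uint8_t *rec = img + (size_t)block * BLOCK_SIZE;
        if (rec[0] != 'C' || rec[1] != 'E')
            return WALK_BAD_RECORD;
        /* The missing check in this bug class: without a hop limit a
         * chain that points back at itself is followed forever. */
        if (*hops >= max_hops)
            return WALK_TOO_MANY;
        (*hops)++;
        block = rd_le32(rec + 2);
    }
    return WALK_OK;
}

/* Write one continuation record into a constructed image. */
static void put_record(uint8_t *img, uint32_t block, uint32_t next)
{
    uint8_t *rec = img + (size_t)block * BLOCK_SIZE;

    rec[0] = 'C';
    rec[1] = 'E';
    rec[2] = (uint8_t)next;
    rec[3] = (uint8_t)(next >> 8);
    rec[4] = (uint8_t)(next >> 16);
    rec[5] = (uint8_t)(next >> 24);
}

/* Constructed sample: well-formed chain 0 -> 1 -> 2 -> end. */
static int demo_linear(uint32_t *hops)
{
    uint8_t img[3 * BLOCK_SIZE] = {0};

    put_record(img, 0, 1);
    put_record(img, 1, 2);
    put_record(img, 2, CE_END);
    return walk_chain(img, sizeof img, MAX_CE_HOPS, hops);
}

/* Constructed sample: cyclic chain 0 -> 1 -> 0 -> ... */
static int demo_cycle(uint32_t *hops)
{
    uint8_t img[2 * BLOCK_SIZE] = {0};

    put_record(img, 0, 1);
    put_record(img, 1, 0);
    return walk_chain(img, sizeof img, MAX_CE_HOPS, hops);
}

/* Constructed sample: record pointing past the end of the image. */
static int demo_out_of_range(uint32_t *hops)
{
    uint8_t img[1 * BLOCK_SIZE] = {0};

    put_record(img, 0, 7);
    return walk_chain(img, sizeof img, MAX_CE_HOPS, hops);
}

int main(void)
{
    uint32_t hops;
    int rc;

    rc = demo_linear(&hops);
    printf("linear chain:  status %d after %u hops\n", rc, (unsigned)hops);
    rc = demo_cycle(&hops);
    printf("cyclic chain:  status %d after %u hops\n", rc, (unsigned)hops);
    rc = demo_out_of_range(&hops);
    printf("out of range:  status %d after %u hops\n", rc, (unsigned)hops);
    return 0;
}
```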
[security-announce] openSUSE-SU-2015:0713-1: important: Security update for Linux Kernel
by opensuse-security@opensuse.org 13 Apr '15
openSUSE Security Update: Security update for Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:0713-1
Rating: important
References: #867199 #893428 #895797 #900811 #901925 #903589
#903640 #904899 #905681 #907039 #907818 #907988
#908582 #908588 #908589 #908592 #908593 #908594
#908596 #908598 #908603 #908604 #908605 #908606
#908608 #908610 #908612 #909077 #909078 #909477
#909634 #910150 #910322 #910440 #911311 #911325
#911326 #911356 #911438 #911578 #911835 #912061
#912202 #912429 #912705 #913059 #913466 #913695
#914175 #915425 #915454 #915456 #915577 #915858
#916608 #917830 #917839 #918954 #918970 #919463
#920581 #920604 #921313 #922542 #922944
Cross-References: CVE-2014-8134 CVE-2014-8160 CVE-2014-8559
CVE-2014-9419 CVE-2014-9420 CVE-2014-9428
CVE-2014-9529 CVE-2014-9584 CVE-2014-9585
CVE-2015-0777 CVE-2015-1421 CVE-2015-1593
CVE-2015-2150
Affected Products:
openSUSE 13.2
______________________________________________________________________________
An update that solves 13 vulnerabilities and has 52 fixes
is now available.
Description:
The Linux kernel was updated to fix bugs and security issues:
Following security issues were fixed:
- CVE-2015-1421: Use-after-free vulnerability in the sctp_assoc_update
function in net/sctp/associola.c in the Linux kernel allowed remote
attackers to cause a denial of service (slab corruption and panic) or
possibly have unspecified other impact by triggering an INIT collision
that leads to improper handling of shared-key data.
- CVE-2015-2150: XSA-120: Guests were permitted to modify all bits of the
PCI command register of passed through cards, which could lead to Host
system crashes.
- CVE-2015-0777: The XEN usb backend could leak information to the guest
system due to copying uninitialized memory.
- CVE-2015-1593: An integer overflow reduced the effectiveness of the stack
randomization on 64-bit systems.
- CVE-2014-9419: The __switch_to function in arch/x86/kernel/process_64.c
in the Linux kernel did not ensure that Thread Local Storage (TLS)
descriptors are loaded before proceeding with other steps, which made it
easier for local users to bypass the ASLR protection mechanism via a
crafted application that reads a TLS base address.
- CVE-2014-9428: The batadv_frag_merge_packets function in
net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the
Linux kernel used an incorrect length field during a calculation of an
amount of memory, which allowed remote attackers to cause a denial of
service (mesh-node system crash) via fragmented packets.
- CVE-2014-8160: net/netfilter/nf_conntrack_proto_generic.c in the Linux
kernel generated incorrect conntrack entries during handling of certain
iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols,
which allowed remote attackers to bypass intended access restrictions
via packets with disallowed port numbers.
- CVE-2014-9529: Race condition in the key_gc_unused_keys function in
security/keys/gc.c in the Linux kernel allowed local users to cause a
denial of service (memory corruption or panic) or possibly have
unspecified other impact via keyctl commands that trigger access to a
key structure member during garbage collection of a key.
- CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the
Linux kernel did not restrict the number of Rock Ridge continuation
entries, which allowed local users to cause a denial of service
(infinite loop, and system crash or hang) via a crafted iso9660 image.
- CVE-2014-9584: The parse_rock_ridge_inode_internal function in
fs/isofs/rock.c in the Linux kernel did not validate a length value in
the Extensions Reference (ER) System Use Field, which allowed local
users to obtain sensitive information from kernel memory via a crafted
iso9660 image.
- CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the
Linux kernel did not properly choose memory locations for the vDSO area,
which made it easier for local users to bypass the ASLR protection
mechanism by guessing a location at the end of a PMD.
- CVE-2014-8559: The d_walk function in fs/dcache.c in the Linux kernel
through did not properly maintain the semantics of rename_lock, which
allowed local users to cause a denial of service (deadlock and system
hang) via a crafted application.
- CVE-2014-8134: The paravirt_ops_setup function in arch/x86/kernel/kvm.c
in the Linux kernel used an improper paravirt_enabled setting for KVM
guest kernels, which made it easier for guest OS users to bypass the
ASLR protection mechanism via a crafted application that reads a 16-bit
value.
Following bugs were fixed:
- powerpc/pci: Fix IO space breakage after of_pci_range_to_resource()
change (bnc#922542).
- cifs: fix use-after-free bug in find_writable_file (bnc#909477).
- usb: Do not allow usb_alloc_streams on unconfigured devices (bsc#920581).
- fuse: honour max_read and max_write in direct_io mode (bnc#918954).
- switch iov_iter_get_pages() to passing maximal number of pages
(bnc#918954).
- bcache: fix a livelock in btree lock v2 (bnc#910440) (bnc#910440).
Updated because another version went upstream
- drm/i915: Initialise userptr mmu_notifier serial to 1 (bnc#918970).
- NFS: Don't try to reclaim delegation open state if recovery failed
(boo#909634).
- NFSv4: Ensure that we call FREE_STATEID when NFSv4.x stateids are
revoked (boo#909634).
- NFSv4: Fix races between nfs_remove_bad_delegation() and delegation
return (boo#909634).
- NFSv4: Ensure that we remove NFSv4.0 delegations when state has expired
(boo#909634).
- Fixing lease renewal (boo#909634).
- bcache: Fix a bug when detaching (bsc#908582).
- fix a leak in bch_cached_dev_run() (bnc#910440).
- bcache: unregister reboot notifier when bcache fails to register a block
device (bnc#910440).
- bcache: fix a livelock in btree lock (bnc#910440).
- bcache: [BUG] clear BCACHE_DEV_UNLINK_DONE flag when attaching a backing
device (bnc#910440).
- bcache: Add a cond_resched() call to gc (bnc#910440).
- storvsc: ring buffer failures may result in I/O freeze (bnc#914175).
- ALSA: seq-dummy: remove deadlock-causing events on close (boo#916608).
- ALSA: pcm: Zero-clear reserved fields of PCM status ioctl in compat mode
(boo#916608).
- ALSA: bebob: Uninitialized id returned by saffirepro_both_clk_src_get
(boo#916608).
- ALSA: hda - Fix built-in mic on Compaq Presario CQ60 (bnc#920604).
- ALSA: hda - Fix regression of HD-audio controller fallback modes
(bsc#921313).
- [media] sound: Update au0828 quirks table (boo#916608).
- [media] sound: simplify au0828 quirk table (boo#916608).
- ALSA: usb-audio: Add mic volume fix quirk for Logitech Webcam C210
(boo#916608).
- ALSA: usb-audio: extend KEF X300A FU 10 tweak to Arcam rPAC (boo#916608).
- ALSA: usb-audio: Add ctrl message delay quirk for Marantz/Denon devices
(boo#916608).
- ALSA: usb-audio: Fix memory leak in FTU quirk (boo#916608).
- ALSA: usb-audio: Fix device_del() sysfs warnings at disconnect
(boo#916608).
- ALSA: hda - Add new GPU codec ID 0x10de0072 to snd-hda (boo#916608).
- ALSA: hda - Fix wrong gpio_dir & gpio_mask hint setups for IDT/STAC
codecs (boo#916608).
- ALSA: hda/realtek - New codec support for ALC298 (boo#916608).
- ALSA: hda/realtek - New codec support for ALC256 (boo#916608).
- ALSA: hda/realtek - Add new Dell desktop for ALC3234 headset mode
(boo#916608).
- ALSA: hda - Add EAPD fixup for ASUS Z99He laptop (boo#916608).
- ALSA: hda - Fix built-in mic at resume on Lenovo Ideapad S210
(boo#916608).
- ALSA: hda/realtek - Add headset Mic support for new Dell machine
(boo#916608).
- ALSA: hda_intel: Add DeviceIDs for Sunrise Point-LP (boo#916608).
- ALSA: hda_intel: Add Device IDs for Intel Sunrise Point PCH (boo#916608).
- ALSA: hda - add codec ID for Braswell display audio codec (boo#916608).
- ALSA: hda - add PCI IDs for Intel Braswell (boo#916608).
- ALSA: hda - Add dock support for Thinkpad T440 (17aa:2212) (boo#916608).
- ALSA: hda - Set up GPIO for Toshiba Satellite S50D (bnc#915858).
- rpm/kernel-binary.spec.in: Fix build if there is no *.crt file
- mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled process
being killed (VM Functionality bnc#910150).
- Input: evdev - fix EVIOCG{type} ioctl (bnc#904899).
- mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by
mount (bsc#907988).
- Btrfs: fix scrub race leading to use-after-free (bnc#915456).
- Btrfs: fix setup_leaf_for_split() to avoid leaf corruption (bnc#915454).
- Btrfs: fix fsync log replay for inodes with a mix of regular refs and
extrefs (bnc#915425).
- Btrfs: fix fsync when extend references are added to an inode
(bnc#915425).
- Btrfs: fix directory inconsistency after fsync log replay (bnc#915425).
- Btrfs: make xattr replace operations atomic (bnc#913466).
- Btrfs: fix directory recovery from fsync log (bnc#895797).
- bcache: add mutex lock for bch_is_open (bnc#908612).
- bcache: Correct printing of btree_gc_max_duration_ms (bnc#908610).
- bcache: fix crash with incomplete cache set (bnc#908608).
- bcache: fix memory corruption in init error path (bnc#908606).
- bcache: Fix more early shutdown bugs (bnc#908605).
- bcache: fix use-after-free in btree_gc_coalesce() (bnc#908604).
- bcache: Fix an infinite loop in journal replay (bnc#908603).
- bcache: fix typo in bch_bkey_equal_header (bnc#908598).
- bcache: Make sure to pass GFP_WAIT to mempool_alloc() (bnc#908596).
- bcache: fix crash on shutdown in passthrough mode (bnc#908594).
- bcache: fix lockdep warnings on shutdown (bnc#908593).
- bcache allocator: send discards with correct size (bnc#908592).
- bcache: Fix to remove the rcu_sched stalls (bnc#908589).
- bcache: Fix a journal replay bug (bnc#908588).
- Update x86_64 config files: CONFIG_SENSORS_NCT6683=m The nct6683 driver
is already enabled on i386 and history suggests that it not being
enabled on x86_64 is by mistake.
- rpm/kernel-binary.spec.in: Own the modules directory in the devel
package (bnc#910322)
- Revert "iwlwifi: mvm: treat EAPOLs like mgmt frames wrt rate"
(bnc#900811).
- mm: free compound page with correct order (bnc#913695).
- drm/i915: More cautious with pch fifo underruns (boo#907039).
- Refresh patches.arch/arm64-0039-generic-pci.patch (fix PCI bridge
support)
- x86/microcode/intel: Fish out the stashed microcode for the BSP
(bsc#903589).
- x86, microcode: Reload microcode on resume (bsc#903589).
- x86, microcode: Don't initialize microcode code on paravirt (bsc#903589).
- x86, microcode, intel: Drop unused parameter (bsc#903589).
- x86, microcode, AMD: Do not use smp_processor_id() in preemtible context
(bsc#903589).
- x86, microcode: Update BSPs microcode on resume (bsc#903589).
- x86, microcode, AMD: Fix ucode patch stashing on 32-bit (bsc#903589).
- x86, microcode: Fix accessing dis_ucode_ldr on 32-bit (bsc#903589).
- x86, microcode, AMD: Fix early ucode loading on 32-bit (bsc#903589).
- Bluetooth: Add support for Broadcom BCM20702A0 variants firmware
download (bnc#911311).
- drm/radeon: fix sad_count check for dce3 (bnc#911356).
- drm/i915: Don't call intel_prepare_page_flip() multiple times
on gen2-4 (bnc#911835).
- udf: Check component length before reading it.
- udf: Check path length when reading symlink.
- udf: Verify symlink size before loading it.
- udf: Verify i_size when loading inode.
- arm64: Enable DRM
- arm64: Enable generic PHB driver (bnc#912061).
- ACPI / video: Add some Samsung models to disable_native_backlight list
(boo#905681).
- asus-nb-wmi: Add another wapf=4 quirk (boo#911438).
- asus-nb-wmi: Add wapf4 quirk for the X550VB (boo#911438).
- asus-nb-wmi: Add wapf4 quirk for the U32U (boo#911438).
- asus-nb-wmi: Add wapf4 quirk for the X550CC (boo#911438).
- asus-nb-wmi: Constify asus_quirks DMI table (boo#911438).
- asus-nb-wmi: Add wapf4 quirk for the X550CL (boo#911438).
- asus-nb-wmi.c: Rename x401u quirk to wapf4 (boo#911438).
- asus-nb-wmi: Add ASUSTeK COMPUTER INC. X200CA (boo#911438).
- WAPF 4 for ASUSTeK COMPUTER INC. X75VBP WLAN ON (boo#911438).
- Input: synaptics - gate forcepad support by DMI check (bnc#911578).
- ext4: introduce aging to extent status tree (bnc#893428).
- ext4: cleanup flag definitions for extent status tree (bnc#893428).
- ext4: limit number of scanned extents in status tree shrinker
(bnc#893428).
- ext4: move handling of list of shrinkable inodes into extent status code
(bnc#893428).
- ext4: change LRU to round-robin in extent status tree shrinker
(bnc#893428).
- ext4: cache extent hole in extent status tree for ext4_da_map_blocks()
(bnc#893428).
- ext4: fix block reservation for bigalloc filesystems (bnc#893428).
- ext4: track extent status tree shrinker delay statictics (bnc#893428).
- ext4: improve extents status tree trace point (bnc#893428).
- rpm/kernel-binary.spec.in: Provide name-version-release for kgraft
packages (bnc#901925)
- rpm/kernel-binary.spec.in: Fix including the secure boot cert in
/etc/uefi/certs
- doc/README.SUSE: update Solid Driver team contacts
- rpm/kernel-binary.spec.in: Do not sign firmware files (bnc#867199)
- Port module signing changes from SLE11-SP3 (fate#314508)
- doc/README.PATCH-POLICY.SUSE: add patch policy / best practices document
after installation.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2015-302=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.2 (i686 x86_64):
kernel-debug-3.16.7-13.2
kernel-debug-base-3.16.7-13.2
kernel-debug-base-debuginfo-3.16.7-13.2
kernel-debug-debuginfo-3.16.7-13.2
kernel-debug-debugsource-3.16.7-13.2
kernel-debug-devel-3.16.7-13.2
kernel-debug-devel-debuginfo-3.16.7-13.2
kernel-desktop-3.16.7-13.2
kernel-desktop-base-3.16.7-13.2
kernel-desktop-base-debuginfo-3.16.7-13.2
kernel-desktop-debuginfo-3.16.7-13.2
kernel-desktop-debugsource-3.16.7-13.2
kernel-desktop-devel-3.16.7-13.2
kernel-ec2-3.16.7-13.2
kernel-ec2-base-3.16.7-13.2
kernel-ec2-base-debuginfo-3.16.7-13.2
kernel-ec2-debuginfo-3.16.7-13.2
kernel-ec2-debugsource-3.16.7-13.2
kernel-ec2-devel-3.16.7-13.2
kernel-vanilla-3.16.7-13.2
kernel-vanilla-debuginfo-3.16.7-13.2
kernel-vanilla-debugsource-3.16.7-13.2
kernel-vanilla-devel-3.16.7-13.2
kernel-xen-3.16.7-13.2
kernel-xen-base-3.16.7-13.2
kernel-xen-base-debuginfo-3.16.7-13.2
kernel-xen-debuginfo-3.16.7-13.2
kernel-xen-debugsource-3.16.7-13.2
kernel-xen-devel-3.16.7-13.2
- openSUSE 13.2 (i586 x86_64):
bbswitch-0.8-3.6.6
bbswitch-debugsource-0.8-3.6.6
bbswitch-kmp-default-0.8_k3.16.7_13-3.6.6
bbswitch-kmp-default-debuginfo-0.8_k3.16.7_13-3.6.6
bbswitch-kmp-desktop-0.8_k3.16.7_13-3.6.6
bbswitch-kmp-desktop-debuginfo-0.8_k3.16.7_13-3.6.6
bbswitch-kmp-xen-0.8_k3.16.7_13-3.6.6
bbswitch-kmp-xen-debuginfo-0.8_k3.16.7_13-3.6.6
cloop-2.639-14.6.6
cloop-debuginfo-2.639-14.6.6
cloop-debugsource-2.639-14.6.6
cloop-kmp-default-2.639_k3.16.7_13-14.6.6
cloop-kmp-default-debuginfo-2.639_k3.16.7_13-14.6.6
cloop-kmp-desktop-2.639_k3.16.7_13-14.6.6
cloop-kmp-desktop-debuginfo-2.639_k3.16.7_13-14.6.6
cloop-kmp-xen-2.639_k3.16.7_13-14.6.6
cloop-kmp-xen-debuginfo-2.639_k3.16.7_13-14.6.6
crash-7.0.8-6.6
crash-debuginfo-7.0.8-6.6
crash-debugsource-7.0.8-6.6
crash-devel-7.0.8-6.6
crash-doc-7.0.8-6.6
crash-eppic-7.0.8-6.6
crash-eppic-debuginfo-7.0.8-6.6
crash-gcore-7.0.8-6.6
crash-gcore-debuginfo-7.0.8-6.6
crash-kmp-default-7.0.8_k3.16.7_13-6.6
crash-kmp-default-debuginfo-7.0.8_k3.16.7_13-6.6
crash-kmp-desktop-7.0.8_k3.16.7_13-6.6
crash-kmp-desktop-debuginfo-7.0.8_k3.16.7_13-6.6
crash-kmp-xen-7.0.8_k3.16.7_13-6.6
crash-kmp-xen-debuginfo-7.0.8_k3.16.7_13-6.6
hdjmod-debugsource-1.28-18.7.6
hdjmod-kmp-default-1.28_k3.16.7_13-18.7.6
hdjmod-kmp-default-debuginfo-1.28_k3.16.7_13-18.7.6
hdjmod-kmp-desktop-1.28_k3.16.7_13-18.7.6
hdjmod-kmp-desktop-debuginfo-1.28_k3.16.7_13-18.7.6
hdjmod-kmp-xen-1.28_k3.16.7_13-18.7.6
hdjmod-kmp-xen-debuginfo-1.28_k3.16.7_13-18.7.6
ipset-6.23-6.6
ipset-debuginfo-6.23-6.6
ipset-debugsource-6.23-6.6
ipset-devel-6.23-6.6
ipset-kmp-default-6.23_k3.16.7_13-6.6
ipset-kmp-default-debuginfo-6.23_k3.16.7_13-6.6
ipset-kmp-desktop-6.23_k3.16.7_13-6.6
ipset-kmp-desktop-debuginfo-6.23_k3.16.7_13-6.6
ipset-kmp-xen-6.23_k3.16.7_13-6.6
ipset-kmp-xen-debuginfo-6.23_k3.16.7_13-6.6
kernel-default-3.16.7-13.3
kernel-default-base-3.16.7-13.3
kernel-default-base-debuginfo-3.16.7-13.3
kernel-default-debuginfo-3.16.7-13.3
kernel-default-debugsource-3.16.7-13.3
kernel-default-devel-3.16.7-13.3
kernel-obs-build-3.16.7-13.7
kernel-obs-build-debugsource-3.16.7-13.7
kernel-obs-qa-3.16.7-13.1
kernel-obs-qa-xen-3.16.7-13.1
kernel-syms-3.16.7-13.1
libipset3-6.23-6.6
libipset3-debuginfo-6.23-6.6
pcfclock-0.44-260.6.2
pcfclock-debuginfo-0.44-260.6.2
pcfclock-debugsource-0.44-260.6.2
pcfclock-kmp-default-0.44_k3.16.7_13-260.6.2
pcfclock-kmp-default-debuginfo-0.44_k3.16.7_13-260.6.2
pcfclock-kmp-desktop-0.44_k3.16.7_13-260.6.2
pcfclock-kmp-desktop-debuginfo-0.44_k3.16.7_13-260.6.2
python-virtualbox-4.3.20-10.2
python-virtualbox-debuginfo-4.3.20-10.2
vhba-kmp-debugsource-20140629-2.6.2
vhba-kmp-default-20140629_k3.16.7_13-2.6.2
vhba-kmp-default-debuginfo-20140629_k3.16.7_13-2.6.2
vhba-kmp-desktop-20140629_k3.16.7_13-2.6.2
vhba-kmp-desktop-debuginfo-20140629_k3.16.7_13-2.6.2
vhba-kmp-xen-20140629_k3.16.7_13-2.6.2
vhba-kmp-xen-debuginfo-20140629_k3.16.7_13-2.6.2
virtualbox-4.3.20-10.2
virtualbox-debuginfo-4.3.20-10.2
virtualbox-debugsource-4.3.20-10.2
virtualbox-devel-4.3.20-10.2
virtualbox-guest-kmp-default-4.3.20_k3.16.7_13-10.2
virtualbox-guest-kmp-default-debuginfo-4.3.20_k3.16.7_13-10.2
virtualbox-guest-kmp-desktop-4.3.20_k3.16.7_13-10.2
virtualbox-guest-kmp-desktop-debuginfo-4.3.20_k3.16.7_13-10.2
virtualbox-guest-tools-4.3.20-10.2
virtualbox-guest-tools-debuginfo-4.3.20-10.2
virtualbox-guest-x11-4.3.20-10.2
virtualbox-guest-x11-debuginfo-4.3.20-10.2
virtualbox-host-kmp-default-4.3.20_k3.16.7_13-10.2
virtualbox-host-kmp-default-debuginfo-4.3.20_k3.16.7_13-10.2
virtualbox-host-kmp-desktop-4.3.20_k3.16.7_13-10.2
virtualbox-host-kmp-desktop-debuginfo-4.3.20_k3.16.7_13-10.2
virtualbox-qt-4.3.20-10.2
virtualbox-qt-debuginfo-4.3.20-10.2
virtualbox-websrv-4.3.20-10.2
virtualbox-websrv-debuginfo-4.3.20-10.2
xen-debugsource-4.4.1_08-12.2
xen-devel-4.4.1_08-12.2
xen-libs-4.4.1_08-12.2
xen-libs-debuginfo-4.4.1_08-12.2
xen-tools-domU-4.4.1_08-12.2
xen-tools-domU-debuginfo-4.4.1_08-12.2
xtables-addons-2.6-6.2
xtables-addons-debuginfo-2.6-6.2
xtables-addons-debugsource-2.6-6.2
xtables-addons-kmp-default-2.6_k3.16.7_13-6.2
xtables-addons-kmp-default-debuginfo-2.6_k3.16.7_13-6.2
xtables-addons-kmp-desktop-2.6_k3.16.7_13-6.2
xtables-addons-kmp-desktop-debuginfo-2.6_k3.16.7_13-6.2
xtables-addons-kmp-xen-2.6_k3.16.7_13-6.2
xtables-addons-kmp-xen-debuginfo-2.6_k3.16.7_13-6.2
- openSUSE 13.2 (noarch):
kernel-devel-3.16.7-13.1
kernel-docs-3.16.7-13.2
kernel-macros-3.16.7-13.1
kernel-source-3.16.7-13.1
kernel-source-vanilla-3.16.7-13.1
virtualbox-guest-desktop-icons-4.3.20-10.2
- openSUSE 13.2 (x86_64):
xen-4.4.1_08-12.2
xen-doc-html-4.4.1_08-12.2
xen-kmp-default-4.4.1_08_k3.16.7_13-12.2
xen-kmp-default-debuginfo-4.4.1_08_k3.16.7_13-12.2
xen-kmp-desktop-4.4.1_08_k3.16.7_13-12.2
xen-kmp-desktop-debuginfo-4.4.1_08_k3.16.7_13-12.2
xen-libs-32bit-4.4.1_08-12.2
xen-libs-debuginfo-32bit-4.4.1_08-12.2
xen-tools-4.4.1_08-12.2
xen-tools-debuginfo-4.4.1_08-12.2
- openSUSE 13.2 (i686):
kernel-pae-3.16.7-13.2
kernel-pae-base-3.16.7-13.2
kernel-pae-base-debuginfo-3.16.7-13.2
kernel-pae-debuginfo-3.16.7-13.2
kernel-pae-debugsource-3.16.7-13.2
kernel-pae-devel-3.16.7-13.2
- openSUSE 13.2 (i586):
bbswitch-kmp-pae-0.8_k3.16.7_13-3.6.6
bbswitch-kmp-pae-debuginfo-0.8_k3.16.7_13-3.6.6
cloop-kmp-pae-2.639_k3.16.7_13-14.6.6
cloop-kmp-pae-debuginfo-2.639_k3.16.7_13-14.6.6
crash-kmp-pae-7.0.8_k3.16.7_13-6.6
crash-kmp-pae-debuginfo-7.0.8_k3.16.7_13-6.6
hdjmod-kmp-pae-1.28_k3.16.7_13-18.7.6
hdjmod-kmp-pae-debuginfo-1.28_k3.16.7_13-18.7.6
ipset-kmp-pae-6.23_k3.16.7_13-6.6
ipset-kmp-pae-debuginfo-6.23_k3.16.7_13-6.6
pcfclock-kmp-pae-0.44_k3.16.7_13-260.6.2
pcfclock-kmp-pae-debuginfo-0.44_k3.16.7_13-260.6.2
vhba-kmp-pae-20140629_k3.16.7_13-2.6.2
vhba-kmp-pae-debuginfo-20140629_k3.16.7_13-2.6.2
virtualbox-guest-kmp-pae-4.3.20_k3.16.7_13-10.2
virtualbox-guest-kmp-pae-debuginfo-4.3.20_k3.16.7_13-10.2
virtualbox-host-kmp-pae-4.3.20_k3.16.7_13-10.2
virtualbox-host-kmp-pae-debuginfo-4.3.20_k3.16.7_13-10.2
xtables-addons-kmp-pae-2.6_k3.16.7_13-6.2
xtables-addons-kmp-pae-debuginfo-2.6_k3.16.7_13-6.2
References:
https://www.suse.com/security/cve/CVE-2014-8134.html
https://www.suse.com/security/cve/CVE-2014-8160.html
https://www.suse.com/security/cve/CVE-2014-8559.html
https://www.suse.com/security/cve/CVE-2014-9419.html
https://www.suse.com/security/cve/CVE-2014-9420.html
https://www.suse.com/security/cve/CVE-2014-9428.html
https://www.suse.com/security/cve/CVE-2014-9529.html
https://www.suse.com/security/cve/CVE-2014-9584.html
https://www.suse.com/security/cve/CVE-2014-9585.html
https://www.suse.com/security/cve/CVE-2015-0777.html
https://www.suse.com/security/cve/CVE-2015-1421.html
https://www.suse.com/security/cve/CVE-2015-1593.html
https://www.suse.com/security/cve/CVE-2015-2150.html
https://bugzilla.suse.com/867199
https://bugzilla.suse.com/893428
https://bugzilla.suse.com/895797
https://bugzilla.suse.com/900811
https://bugzilla.suse.com/901925
https://bugzilla.suse.com/903589
https://bugzilla.suse.com/903640
https://bugzilla.suse.com/904899
https://bugzilla.suse.com/905681
https://bugzilla.suse.com/907039
https://bugzilla.suse.com/907818
https://bugzilla.suse.com/907988
https://bugzilla.suse.com/908582
https://bugzilla.suse.com/908588
https://bugzilla.suse.com/908589
https://bugzilla.suse.com/908592
https://bugzilla.suse.com/908593
https://bugzilla.suse.com/908594
https://bugzilla.suse.com/908596
https://bugzilla.suse.com/908598
https://bugzilla.suse.com/908603
https://bugzilla.suse.com/908604
https://bugzilla.suse.com/908605
https://bugzilla.suse.com/908606
https://bugzilla.suse.com/908608
https://bugzilla.suse.com/908610
https://bugzilla.suse.com/908612
https://bugzilla.suse.com/909077
https://bugzilla.suse.com/909078
https://bugzilla.suse.com/909477
https://bugzilla.suse.com/909634
https://bugzilla.suse.com/910150
https://bugzilla.suse.com/910322
https://bugzilla.suse.com/910440
https://bugzilla.suse.com/911311
https://bugzilla.suse.com/911325
https://bugzilla.suse.com/911326
https://bugzilla.suse.com/911356
https://bugzilla.suse.com/911438
https://bugzilla.suse.com/911578
https://bugzilla.suse.com/911835
https://bugzilla.suse.com/912061
https://bugzilla.suse.com/912202
https://bugzilla.suse.com/912429
https://bugzilla.suse.com/912705
https://bugzilla.suse.com/913059
https://bugzilla.suse.com/913466
https://bugzilla.suse.com/913695
https://bugzilla.suse.com/914175
https://bugzilla.suse.com/915425
https://bugzilla.suse.com/915454
https://bugzilla.suse.com/915456
https://bugzilla.suse.com/915577
https://bugzilla.suse.com/915858
https://bugzilla.suse.com/916608
https://bugzilla.suse.com/917830
https://bugzilla.suse.com/917839
https://bugzilla.suse.com/918954
https://bugzilla.suse.com/918970
https://bugzilla.suse.com/919463
https://bugzilla.suse.com/920581
https://bugzilla.suse.com/920604
https://bugzilla.suse.com/921313
https://bugzilla.suse.com/922542
https://bugzilla.suse.com/922944
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
[security-announce] SUSE-SU-2015:0704-2: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 10 Apr '15
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2015:0704-2
Rating: important
References: #925368
Cross-References: CVE-2015-0801 CVE-2015-0807 CVE-2015-0813
CVE-2015-0814 CVE-2015-0815 CVE-2015-0816
Affected Products:
SUSE Linux Enterprise Desktop 12
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
Mozilla Firefox was updated to 31.6.0 ESR to fix five security issues.
The following vulnerabilities were fixed:
* Miscellaneous memory safety hazards (MFSA
2015-30/CVE-2015-0814/CVE-2015-0815)
* Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA
2015-31/CVE-2015-0813)
* resource:// documents can load privileged pages (MFSA
2015-33/CVE-2015-0816)
* CORS requests should not follow 30x redirections after preflight (MFSA
2015-37/CVE-2015-0807)
* Same-origin bypass through anchor navigation (MFSA 2015-40/CVE-2015-0801)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-165=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Desktop 12 (x86_64):
MozillaFirefox-31.6.0esr-30.1
MozillaFirefox-debuginfo-31.6.0esr-30.1
MozillaFirefox-debugsource-31.6.0esr-30.1
MozillaFirefox-translations-31.6.0esr-30.1
References:
https://www.suse.com/security/cve/CVE-2015-0801.html
https://www.suse.com/security/cve/CVE-2015-0807.html
https://www.suse.com/security/cve/CVE-2015-0813.html
https://www.suse.com/security/cve/CVE-2015-0814.html
https://www.suse.com/security/cve/CVE-2015-0815.html
https://www.suse.com/security/cve/CVE-2015-0816.html
https://bugzilla.suse.com/925368
[security-announce] SUSE-SU-2015:0704-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 10 Apr '15
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2015:0704-1
Rating: important
References: #925368
Cross-References: CVE-2015-0801 CVE-2015-0807 CVE-2015-0813
CVE-2015-0814 CVE-2015-0815 CVE-2015-0816
Affected Products:
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
Mozilla Firefox was updated to 31.6.0 ESR to fix five security issues.
The following vulnerabilities were fixed:
* Miscellaneous memory safety hazards (MFSA
2015-30/CVE-2015-0814/CVE-2015-0815)
* Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA
2015-31/CVE-2015-0813)
* resource:// documents can load privileged pages (MFSA
2015-33/CVE-2015-0816)
* CORS requests should not follow 30x redirections after preflight (MFSA
2015-37/CVE-2015-0807)
* Same-origin bypass through anchor navigation (MFSA 2015-40/CVE-2015-0801)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2015-165=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2015-165=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
MozillaFirefox-debuginfo-31.6.0esr-30.1
MozillaFirefox-debugsource-31.6.0esr-30.1
MozillaFirefox-devel-31.6.0esr-30.1
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
MozillaFirefox-31.6.0esr-30.1
MozillaFirefox-debuginfo-31.6.0esr-30.1
MozillaFirefox-debugsource-31.6.0esr-30.1
MozillaFirefox-translations-31.6.0esr-30.1
References:
https://www.suse.com/security/cve/CVE-2015-0801.html
https://www.suse.com/security/cve/CVE-2015-0807.html
https://www.suse.com/security/cve/CVE-2015-0813.html
https://www.suse.com/security/cve/CVE-2015-0814.html
https://www.suse.com/security/cve/CVE-2015-0815.html
https://www.suse.com/security/cve/CVE-2015-0816.html
https://bugzilla.suse.com/925368
[security-announce] SUSE-SU-2015:0702-1: important: Security update for libXfont
by opensuse-security@opensuse.org 10 Apr '15
SUSE Security Update: Security update for libXfont
______________________________________________________________________________
Announcement ID: SUSE-SU-2015:0702-1
Rating: important
References: #921978
Cross-References: CVE-2015-1802 CVE-2015-1803 CVE-2015-1804
Affected Products:
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Desktop 12
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
LibXFont was updated to fix security problems.
The following security issues were fixed:
- CVE-2015-1802: The bdf parser reads a count for the number of properties
defined in a font from the font file, and allocates arrays with entries
for each property based on that count. It never checked to see if that
count was negative, or large enough to overflow when multiplied by the
size of the structures being allocated, and could thus allocate the wrong
buffer size, leading to out of bounds writes.
- CVE-2015-1803: If the bdf parser failed to parse the data for the bitmap
for any character, it would proceed with an invalid pointer to the
bitmap data and later crash when trying to read the bitmap from that
pointer.
- CVE-2015-1804: The bdf parser read metrics values as 32-bit integers,
but stored them into 16-bit integers. Overflows could occur in various
operations leading to out-of-bounds memory access.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2015-161=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2015-161=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-161=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
libXfont-debugsource-1.4.7-4.1
libXfont-devel-1.4.7-4.1
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
libXfont-debugsource-1.4.7-4.1
libXfont1-1.4.7-4.1
libXfont1-debuginfo-1.4.7-4.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
libXfont-debugsource-1.4.7-4.1
libXfont1-1.4.7-4.1
libXfont1-debuginfo-1.4.7-4.1
References:
https://www.suse.com/security/cve/CVE-2015-1802.html
https://www.suse.com/security/cve/CVE-2015-1803.html
https://www.suse.com/security/cve/CVE-2015-1804.html
https://bugzilla.suse.com/921978
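The checks whose absence is described for CVE-2015-1802 and CVE-2015-1804 above, as an added example that is not part of the advisory and is not libXfont's code: a property count is validated before it sizes an allocation, and a parsed metric is range-checked before it is stored in a 16-bit field. The names prop_rec, alloc_props, store_metric and narrow_unchecked and the MAX_PROPS cap are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical per-property record; not libXfont's actual structure. */
typedef struct {
    long name;
    long value;
    int  is_string;
} prop_rec;

/* Assumed policy cap on properties per font; not a value from the advisory. */
#define MAX_PROPS 65536L

/* Strictly parse one decimal integer: whole token, no silent overflow. */
static int parse_long(const char *s, long *out)
{
    char *end;
    long v;

    errno = 0;
    v = strtol(s, &end, 10);
    if (end == s || errno == ERANGE)
        return -1;
    while (*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n')
        end++;
    if (*end != '\0')
        return -1;
    *out = v;
    return 0;
}

/*
 * Allocate the property array for a "STARTPROPERTIES <n>" line.
 * Returns 0 with a zeroed array of *nprops entries, or -1 if rejected.
 */
int alloc_props(const char *line, prop_rec **props, size_t *nprops)
{
    static const char kw[] = "STARTPROPERTIES";
    long count;

    *props = NULL;
    *nprops = 0;
    if (strncmp(line, kw, sizeof kw - 1) != 0 || line[sizeof kw - 1] != ' ')
        return -1;
    if (parse_long(line + sizeof kw - 1, &count) != 0)
        return -1;
    /* Negative counts and counts above the cap never reach the allocator. */
    if (count < 0 || count > MAX_PROPS)
        return -1;
    /* Independent of the cap: count * sizeof must not wrap size_t. */
    if ((size_t)count > SIZE_MAX / sizeof(prop_rec))
        return -1;
    /* calloc() also checks the multiplication; +1 avoids a zero-size request. */
    *props = calloc((size_t)count + 1, sizeof(prop_rec));
    if (*props == NULL)
        return -1;
    *nprops = (size_t)count;
    return 0;
}

/* What an unchecked store does: on common compilers the value wraps mod 2^16. */
int16_t narrow_unchecked(int32_t parsed)
{
    return (int16_t)parsed;
}

/* Checked store: refuse any metric that does not fit the 16-bit field. */
int store_metric(long parsed, int16_t *field)
{
    if (parsed < INT16_MIN || parsed > INT16_MAX)
        return -1;
    *field = (int16_t)parsed;
    return 0;
}

int main(void)
{
    /* Constructed sample lines, not taken from a real font file. */
    const char *lines[] = { "STARTPROPERTIES 3", "STARTPROPERTIES -1",
                            "STARTPROPERTIES 2147483647" };
    int16_t width = 0;
    size_t i;

    for (i = 0; i < sizeof lines / sizeof lines[0]; i++) {
        prop_rec *props;
        size_t n;
        int rc = alloc_props(lines[i], &props, &n);
        printf("%-28s -> %s\n", lines[i], rc == 0 ? "accepted" : "rejected");
        free(props);
    }
    printf("unchecked 65537 -> %d\n", narrow_unchecked(65537));
    printf("checked   65537 -> %s\n",
           store_metric(65537, &width) == 0 ? "stored" : "rejected");
    return 0;
}
```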
[security-announce] openSUSE-SU-2015:0682-1: important: Security update for Chromium
by opensuse-security@opensuse.org 08 Apr '15
openSUSE Security Update: Security update for Chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:0682-1
Rating: important
References: #925713 #925714
Cross-References: CVE-2015-1233 CVE-2015-1234
Affected Products:
openSUSE 13.2
openSUSE 13.1
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
Chromium was updated to 41.0.2272.118 to fix two security issues.
The following vulnerabilities were fixed:
* A combination of V8, Gamepad and IPC bugs could lead to remote code
execution outside of the sandbox (CVE-2015-1233, boo#925713)
* Buffer overflow via race condition in GPU (CVE-2015-1234, boo#925714)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2015-298=1
- openSUSE 13.1:
zypper in -t patch openSUSE-2015-298=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.2 (i586 x86_64):
chromedriver-41.0.2272.118-20.1
chromedriver-debuginfo-41.0.2272.118-20.1
chromium-41.0.2272.118-20.1
chromium-debuginfo-41.0.2272.118-20.1
chromium-debugsource-41.0.2272.118-20.1
chromium-desktop-gnome-41.0.2272.118-20.1
chromium-desktop-kde-41.0.2272.118-20.1
chromium-ffmpegsumo-41.0.2272.118-20.1
chromium-ffmpegsumo-debuginfo-41.0.2272.118-20.1
- openSUSE 13.1 (i586 x86_64):
chromedriver-41.0.2272.118-75.1
chromedriver-debuginfo-41.0.2272.118-75.1
chromium-41.0.2272.118-75.1
chromium-debuginfo-41.0.2272.118-75.1
chromium-debugsource-41.0.2272.118-75.1
chromium-desktop-gnome-41.0.2272.118-75.1
chromium-desktop-kde-41.0.2272.118-75.1
chromium-ffmpegsumo-41.0.2272.118-75.1
chromium-ffmpegsumo-debuginfo-41.0.2272.118-75.1
References:
https://www.suse.com/security/cve/CVE-2015-1233.html
https://www.suse.com/security/cve/CVE-2015-1234.html
https://bugzilla.suse.com/925713
https://bugzilla.suse.com/925714
[security-announce] openSUSE-SU-2015:0677-1: important: Security update for MozillaFirefox, MozillaThunderbird, mozilla-nspr
by opensuse-security@opensuse.org 08 Apr '15
openSUSE Security Update: Security update for MozillaFirefox, MozillaThunderbird, mozilla-nspr
______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:0677-1
Rating: important
References: #925368 #925392 #925393 #925394 #925395 #925396
#925397 #925398 #925399 #925400 #925401 #925402
#926166
Cross-References: CVE-2015-0799 CVE-2015-0801 CVE-2015-0802
CVE-2015-0803 CVE-2015-0804 CVE-2015-0805
CVE-2015-0806 CVE-2015-0807 CVE-2015-0808
CVE-2015-0811 CVE-2015-0812 CVE-2015-0813
CVE-2015-0814 CVE-2015-0815 CVE-2015-0816
Affected Products:
openSUSE 13.2
openSUSE 13.1
______________________________________________________________________________
An update that fixes 15 vulnerabilities is now available.
Description:
Mozilla Firefox and Thunderbird were updated to fix several important
vulnerabilities.
Mozilla Firefox was updated to 37.0.1. Mozilla Thunderbird was updated to
31.6.0. mozilla-nspr was updated to 4.10.8 as a dependency.
The following vulnerabilities were fixed in Mozilla Firefox:
* Miscellaneous memory safety hazards (MFSA
2015-30/CVE-2015-0814/CVE-2015-0815 boo#925392)
* Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA
2015-31/CVE-2015-0813 bmo#1106596 boo#925393)
* Add-on lightweight theme installation approval bypassed through MITM
attack (MFSA 2015-32/CVE-2015-0812 bmo#1128126 boo#925394)
* resource:// documents can load privileged pages (MFSA
2015-33/CVE-2015-0816 bmo#1144991 boo#925395)
* Out of bounds read in QCMS library (MFSA-2015-34/CVE-2015-0811
bmo#1132468 boo#925396)
* Incorrect memory management for simple-type arrays in WebRTC
(MFSA-2015-36/CVE-2015-0808 bmo#1109552 boo#925397)
* CORS requests should not follow 30x redirections after preflight
(MFSA-2015-37/CVE-2015-0807 bmo#1111834 boo#925398)
* Memory corruption crashes in Off Main Thread Compositing
(MFSA-2015-38/CVE-2015-0805/CVE-2015-0806 bmo#1135511 bmo#1099437
boo#925399)
* Use-after-free due to type confusion flaws
(MFSA-2015-39/CVE-2015-0803/CVE-2015-0804 bmo#1134560 boo#925400)
* Same-origin bypass through anchor navigation (MFSA-2015-40/CVE-2015-0801
bmo#1146339 boo#925401)
* Windows can retain access to privileged content on navigation to
unprivileged pages (MFSA-2015-42/CVE-2015-0802 bmo#1124898 boo#925402)
The following vulnerability was fixed in functionality that was not
released as an update to openSUSE:
* Certificate verification could be bypassed through the HTTP/2 Alt-Svc
header (MFSA 2015-44/CVE-2015-0799 bmo#1148328 bnc#926166)
The functionality added in 37.0 and thus removed in 37.0.1 was:
* Opportunistically encrypt HTTP traffic where the server supports HTTP/2
AltSvc
The following functionality was added or updated in Mozilla Firefox:
* Heartbeat user rating system
* Yandex set as default search provider for the Turkish locale
* Bing search now uses HTTPS for secure searching
* Improved protection against site impersonation via OneCRL centralized
certificate revocation
* some more behaviour changes for TLS
The following vulnerabilities were fixed in Mozilla Thunderbird:
* Miscellaneous memory safety hazards (MFSA
2015-30/CVE-2015-0814/CVE-2015-0815 boo#925392)
* Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA
2015-31/CVE-2015-0813 bmo#1106596 boo#925393)
* resource:// documents can load privileged pages (MFSA
2015-33/CVE-2015-0816 bmo#1144991 boo#925395)
* CORS requests should not follow 30x redirections after preflight
(MFSA-2015-37/CVE-2015-0807 bmo#1111834 boo#925398)
* Same-origin bypass through anchor navigation (MFSA-2015-40/CVE-2015-0801
bmo#1146339 boo#925401)
mozilla-nspr was updated to 4.10.8 as a dependency and received the
following changes:
* bmo#573192: remove the stack-based PRFileDesc cache.
* bmo#756047: check for _POSIX_THREAD_PRIORITY_SCHEDULING > 0 instead of
only checking if the identifier is defined.
* bmo#1089908: Fix variable shadowing in _PR_MD_LOCKFILE. Use
PR_ARRAY_SIZE to get the array size of _PR_RUNQ(t->cpu).
* bmo#1106600: Replace PR_ASSERT(!"foo") with PR_NOT_REACHED("foo") to
fix clang -Wstring-conversion warnings.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2015-290=1
- openSUSE 13.1:
zypper in -t patch openSUSE-2015-290=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.2 (i586 x86_64):
MozillaFirefox-37.0.1-23.1
MozillaFirefox-branding-upstream-37.0.1-23.1
MozillaFirefox-buildsymbols-37.0.1-23.1
MozillaFirefox-debuginfo-37.0.1-23.1
MozillaFirefox-debugsource-37.0.1-23.1
MozillaFirefox-devel-37.0.1-23.1
MozillaFirefox-translations-common-37.0.1-23.1
MozillaFirefox-translations-other-37.0.1-23.1
MozillaThunderbird-31.6.0-15.3
MozillaThunderbird-buildsymbols-31.6.0-15.3
MozillaThunderbird-debuginfo-31.6.0-15.3
MozillaThunderbird-debugsource-31.6.0-15.3
MozillaThunderbird-devel-31.6.0-15.3
MozillaThunderbird-translations-common-31.6.0-15.3
MozillaThunderbird-translations-other-31.6.0-15.3
mozilla-nspr-4.10.8-6.1
mozilla-nspr-debuginfo-4.10.8-6.1
mozilla-nspr-debugsource-4.10.8-6.1
mozilla-nspr-devel-4.10.8-6.1
- openSUSE 13.2 (x86_64):
mozilla-nspr-32bit-4.10.8-6.1
mozilla-nspr-debuginfo-32bit-4.10.8-6.1
- openSUSE 13.1 (i586 x86_64):
MozillaFirefox-37.0.1-68.1
MozillaFirefox-branding-upstream-37.0.1-68.1
MozillaFirefox-buildsymbols-37.0.1-68.1
MozillaFirefox-debuginfo-37.0.1-68.1
MozillaFirefox-debugsource-37.0.1-68.1
MozillaFirefox-devel-37.0.1-68.1
MozillaFirefox-translations-common-37.0.1-68.1
MozillaFirefox-translations-other-37.0.1-68.1
MozillaThunderbird-31.6.0-70.50.2
MozillaThunderbird-buildsymbols-31.6.0-70.50.2
MozillaThunderbird-debuginfo-31.6.0-70.50.2
MozillaThunderbird-debugsource-31.6.0-70.50.2
MozillaThunderbird-devel-31.6.0-70.50.2
MozillaThunderbird-translations-common-31.6.0-70.50.2
MozillaThunderbird-translations-other-31.6.0-70.50.2
mozilla-nspr-4.10.8-22.1
mozilla-nspr-debuginfo-4.10.8-22.1
mozilla-nspr-debugsource-4.10.8-22.1
mozilla-nspr-devel-4.10.8-22.1
- openSUSE 13.1 (x86_64):
mozilla-nspr-32bit-4.10.8-22.1
mozilla-nspr-debuginfo-32bit-4.10.8-22.1
References:
https://www.suse.com/security/cve/CVE-2015-0799.html
https://www.suse.com/security/cve/CVE-2015-0801.html
https://www.suse.com/security/cve/CVE-2015-0802.html
https://www.suse.com/security/cve/CVE-2015-0803.html
https://www.suse.com/security/cve/CVE-2015-0804.html
https://www.suse.com/security/cve/CVE-2015-0805.html
https://www.suse.com/security/cve/CVE-2015-0806.html
https://www.suse.com/security/cve/CVE-2015-0807.html
https://www.suse.com/security/cve/CVE-2015-0808.html
https://www.suse.com/security/cve/CVE-2015-0811.html
https://www.suse.com/security/cve/CVE-2015-0812.html
https://www.suse.com/security/cve/CVE-2015-0813.html
https://www.suse.com/security/cve/CVE-2015-0814.html
https://www.suse.com/security/cve/CVE-2015-0815.html
https://www.suse.com/security/cve/CVE-2015-0816.html
https://bugzilla.suse.com/925368
https://bugzilla.suse.com/925392
https://bugzilla.suse.com/925393
https://bugzilla.suse.com/925394
https://bugzilla.suse.com/925395
https://bugzilla.suse.com/925396
https://bugzilla.suse.com/925397
https://bugzilla.suse.com/925398
https://bugzilla.suse.com/925399
https://bugzilla.suse.com/925400
https://bugzilla.suse.com/925401
https://bugzilla.suse.com/925402
https://bugzilla.suse.com/926166
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
[security-announce] SUSE-SU-2015:0674-1: important: Security update for xorg-x11-libs
by opensuse-security@opensuse.org 07 Apr '15
SUSE Security Update: Security update for xorg-x11-libs
______________________________________________________________________________
Announcement ID: SUSE-SU-2015:0674-1
Rating: important
References: #921978
Cross-References: CVE-2015-1802 CVE-2015-1803 CVE-2015-1804
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
libXfont was updated to fix security problems that could be used by local
attackers to gain X server privileges (root).
The following security issues have been fixed:
* CVE-2015-1802: The bdf parser reads a count for the number of
properties defined in a font from the font file, and allocates arrays with
entries for each property based on that count. It never checked to see if
that count was negative, or large enough to overflow when multiplied by
the size of the structures being allocated, and could thus allocate the
wrong buffer size, leading to out-of-bounds writes.
* CVE-2015-1803: If the bdf parser failed to parse the data for the
bitmap for any character, it would proceed with an invalid pointer to the
bitmap data and later crash when trying to read the bitmap from that
pointer.
* CVE-2015-1804: The bdf parser read metrics values as 32-bit
integers, but stored them into 16-bit integers. Overflows could occur in
various operations leading to out-of-bounds memory access.
Security Issues:
* CVE-2015-1802
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802>
* CVE-2015-1803
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803>
* CVE-2015-1804
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804>
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP3:
zypper in -t patch sdksp3-xorg-x11-devel=10487
- SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-xorg-x11-devel=10487
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-xorg-x11-devel=10487
- SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-xorg-x11-devel=10487
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64):
xorg-x11-devel-7.4-8.26.44.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64):
xorg-x11-devel-32bit-7.4-8.26.44.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
xorg-x11-libs-7.4-8.26.44.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64):
xorg-x11-libs-32bit-7.4-8.26.44.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):
xorg-x11-libs-7.4-8.26.44.1
- SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64):
xorg-x11-libs-32bit-7.4-8.26.44.1
- SUSE Linux Enterprise Server 11 SP3 (ia64):
xorg-x11-libs-x86-7.4-8.26.44.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):
xorg-x11-libs-7.4-8.26.44.1
- SUSE Linux Enterprise Desktop 11 SP3 (x86_64):
xorg-x11-libs-32bit-7.4-8.26.44.1
References:
https://www.suse.com/security/cve/CVE-2015-1802.html
https://www.suse.com/security/cve/CVE-2015-1803.html
https://www.suse.com/security/cve/CVE-2015-1804.html
https://bugzilla.suse.com/921978
https://download.suse.com/patch/finder/?keywords=9bf31baa0e7f2f9f6297b4bbb4…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
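The count validation and narrowing checks behind CVE-2015-1802 and CVE-2015-1804 in SUSE-SU-2015:0674-1 above, as an added C example that is neither libXfont's code nor its actual patch. The names `prop_rec`, `EXTRA_PROPS`, `metrics16`, `props_alloc_size`, `store_unchecked` and `parse_bbx` are hypothetical, and the sample `BBX` lines are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical per-property record and count of parser-generated extras;
 * both are assumptions for this sketch, not libXfont's definitions. */
typedef struct { long name; long value; int is_string; } prop_rec;
#define EXTRA_PROPS 6

/* Per-glyph metrics stored in 16-bit fields, as the advisory describes. */
typedef struct { int16_t width, height, x_off, y_off; } metrics16;

/* CVE-2015-1802 pattern: validate a file-supplied count before it is used
 * in a size computation. Rejects negative counts and counts for which
 * (count + EXTRA_PROPS) * sizeof(prop_rec) would exceed INT32_MAX.
 * Returns 0 and writes the byte size on success, -1 on rejection. */
int props_alloc_size(int count, size_t *bytes)
{
    size_t max_count = (size_t)INT32_MAX / sizeof(prop_rec) - EXTRA_PROPS;
    if (count < 0 || (size_t)count > max_count)
        return -1;
    *bytes = ((size_t)count + EXTRA_PROPS) * sizeof(prop_rec);
    return 0;
}

/* What an unchecked narrowing store does: the value silently wraps
 * (implementation-defined in C; modulo 2^16 on GCC and Clang). */
int16_t store_unchecked(int value)
{
    return (int16_t)value;
}

/* CVE-2015-1804 pattern: parse "BBX w h x y" as ints, then range-check
 * every value before narrowing it into a 16-bit field.
 * Returns 0 on success, -1 on malformed or out-of-range input. */
int parse_bbx(const char *line, metrics16 *m)
{
    int v[4];

    if (sscanf(line, "BBX %d %d %d %d", &v[0], &v[1], &v[2], &v[3]) != 4)
        return -1;
    for (int i = 0; i < 4; i++)
        if (v[i] < INT16_MIN || v[i] > INT16_MAX)
            return -1;
    if (v[0] < 0 || v[1] < 0)          /* width and height are sizes */
        return -1;
    m->width = (int16_t)v[0];
    m->height = (int16_t)v[1];
    m->x_off = (int16_t)v[2];
    m->y_off = (int16_t)v[3];
    return 0;
}

int main(void)
{
    /* Constructed sample inputs, not taken from a real font file. */
    const char *good = "BBX 8 16 0 -2", *bad = "BBX 70000 16 0 -2";
    metrics16 m; size_t bytes = 0;
    printf("count -1: %d, count 10: %d\n",
           props_alloc_size(-1, &bytes), props_alloc_size(10, &bytes));
    printf("good BBX: %d, bad BBX: %d\n", parse_bbx(good, &m), parse_bbx(bad, &m));
    printf("70000 stored unchecked: %d\n", store_unchecked(70000));
    return 0;
}
```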
[security-announce] SUSE-SU-2015:0658-1: important: Security Update for Linux Kernel
by opensuse-security@opensuse.org 02 Apr '15
SUSE Security Update: Security Update for Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2015:0658-1
Rating: important
References: #898675 #903997 #904242 #909309 #909477 #909684
#910517 #913080 #914818 #915200 #915660 #917830
#918584 #918615 #918620 #918644 #919463 #919719
#919939 #920615 #920805 #920839 #921313 #921527
#921990 #922272 #922275 #922278 #922284 #924460
Cross-References: CVE-2015-0777 CVE-2015-2150
Affected Products:
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Desktop 12
______________________________________________________________________________
An update that solves two vulnerabilities and has 28 fixes
is now available.
Description:
The SUSE Linux Enterprise Server 12 kernel was updated to 3.12.39 to
receive various security and bug fixes.
The following security bugs were fixed:
- CVE-2015-0777: The XEN usb backend could leak information to the guest
system due to copying uninitialized memory.
- CVE-2015-2150: Xen and the Linux kernel did not properly restrict access
to PCI command registers, which might have allowed local guest users to
cause a denial of service (non-maskable interrupt and host crash) by
disabling the (1) memory or (2) I/O decoding for a PCI Express device
and then accessing the device, which triggers an Unsupported Request
(UR) response.
The following non-security bugs were fixed:
- Added Little Endian support to vtpm module (bsc#918620).
- Add support for pnfs block layout. Patches not included by default yet
- ALSA: hda - Fix regression of HD-audio controller fallback modes
(bsc#921313).
- btrfs: add missing blk_finish_plug in btrfs_sync_log() (bnc#922284).
- btrfs: cleanup orphans while looking up default subvolume (bsc#914818).
- btrfs: do not ignore errors from btrfs_lookup_xattr in do_setxattr
(bnc#922272).
- btrfs: fix BUG_ON in btrfs_orphan_add() when delete unused block group
(bnc#922278).
- btrfs: fix data loss in the fast fsync path (bnc#922275).
- btrfs: fix fsync data loss after adding hard link to inode (bnc#922275).
- cgroup: revert cgroup_mutex removal from idr_remove (bnc#918644).
- cifs: fix use-after-free bug in find_writable_file (bnc#909477).
- crypto: rng - RNGs must return 0 in success case (bsc#920805).
- crypto: testmgr - fix RNG return code enforcement (bsc#920805).
- exit: Always reap resource stats in __exit_signal() (Time scalability).
- fork: report pid reservation failure properly (bnc#909684).
- fsnotify: Fix handling of renames in audit (bnc#915200).
- HID: hyperv: match wait_for_completion_timeout return type.
- hv: address compiler warnings for hv_fcopy_daemon.c.
- hv: address compiler warnings for hv_kvp_daemon.c.
- hv: check vmbus_device_create() return value in vmbus_process_offer().
- hv: do not add redundant / in hv_start_fcopy().
- hv: hv_balloon: Do not post pressure status from interrupt context.
- hv: hv_balloon: Fix a locking bug in the balloon driver.
- hv: hv_balloon: Make adjustments in computing the floor.
- hv: hv_fcopy: drop the obsolete message on transfer failure.
- hv: kvp_daemon: make IPv6-only-injection work.
- hv: remove unused bytes_written from kvp_update_file().
- hv: rename sc_lock to the more generic lock.
- hv: vmbus: Fix a bug in vmbus_establish_gpadl().
- hv: vmbus: hv_process_timer_expiration() can be static.
- hv: vmbus: Implement a clockevent device.
- hv: vmbus: serialize Offer and Rescind offer.
- hv: vmbus: Support a vmbus API for efficiently sending page arrays.
- hv: vmbus: Use get_cpu() to get the current CPU.
- hyperv: fix sparse warnings.
- hyperv: Fix the error processing in netvsc_send().
- hyperv: match wait_for_completion_timeout return type.
- hyperv: netvsc.c: match wait_for_completion_timeout return type.
- iommu/vt-d: Fix dmar_domain leak in iommu_attach_device (bsc#924460).
- kabi, mm: prevent endless growth of anon_vma hierarchy (bnc#904242).
- kABI: protect linux/namei.h include in procfs.
- kABI: protect struct hif_scatter_req.
- kabi/severities: Stop maintaining the kgraft kabi
- kernel/sched/clock.c: add another clock for use with the soft lockup
watchdog (bsc#919939).
- kgr: Allow patches to require an exact kernel version (bnc#920615).
- KVM: PPC: Book3S HV: ptes are big endian (bsc#920839).
- mm: convert the rest to new page table lock api (the suse-only cases)
(fate#315482).
- mm: fix anon_vma->degree underflow in anon_vma endless growing
prevention (bnc#904242).
- mm: fix corner case in anon_vma endless growing prevention (bnc#904242).
- mm: prevent endless growth of anon_vma hierarchy (bnc#904242).
- mm: prevent endless growth of anon_vma hierarchy mm: prevent endless
growth of anon_vma hierarchy (bnc#904242).
- mm: vmscan: count only dirty pages as congested (VM Performance,
bnc#910517).
- module: Clean up ro/nx after early module load failures (bsc#921990).
- module: set nx before marking module MODULE_STATE_COMING (bsc#921990).
- net: add sysfs helpers for netdev_adjacent logic (bnc#915660).
- net: correct error path in rtnl_newlink() (bnc#915660).
- net: fix creation adjacent device symlinks (bnc#915660).
- net: prevent of emerging cross-namespace symlinks (bnc#915660).
- net: rename sysfs symlinks on device name change (bnc#915660).
- nfs: cap request size to fit a kmalloced page array (bnc#898675).
- nfs: commit layouts in fdatasync (bnc#898675).
- NFSv4.1: Do not trust attributes if a pNFS LAYOUTCOMMIT is outstanding
(bnc#898675).
- NFSv4.1: Ensure that the layout recall callback matches layout stateids
(bnc#898675).
- NFSv4.1: Ensure that we free existing layout segments if we get a new
layout (bnc#898675).
- NFSv4.1: Fix a race in nfs4_write_inode (bnc#898675).
- NFSv4.1: Fix wraparound issues in pnfs_seqid_is_newer() (bnc#898675).
- NFSv4.1: Minor optimisation in get_layout_by_fh_locked() (bnc#898675).
- NFSv4: Do not update the open stateid unless it is newer than the old
one (bnc#898675).
- pnfs: add a common GETDEVICELIST implementation (bnc#898675).
- pnfs: add a nfs4_get_deviceid helper (bnc#898675).
- pnfs: add flag to force read-modify-write in ->write_begin
(bnc#898675).
- pnfs: add return_range method (bnc#898675).
- pnfs: allow splicing pre-encoded pages into the layoutcommit args
(bnc#898675).
- pnfs: avoid using stale stateids after layoutreturn (bnc#898675).
- pnfs/blocklayout: allocate separate pages for the layoutcommit payload
(bnc#898675).
- pnfs/blocklayout: correctly decrement extent length (bnc#898675).
- pnfs/blocklayout: do not set pages uptodate (bnc#898675).
- pnfs/blocklayout: Fix a 64-bit division/remainder issue in bl_map_stripe
(bnc#898675).
- pnfs/blocklayout: implement the return_range method (bnc#898675).
- pnfs/blocklayout: improve GETDEVICEINFO error reporting (bnc#898675).
- pnfs/blocklayout: include vmalloc.h for __vmalloc (bnc#898675).
- pnfs/blocklayout: in-kernel GETDEVICEINFO XDR parsing (bnc#898675).
- pnfs/blocklayout: move all rpc_pipefs related code into a single file
(bnc#898675).
- pnfs/blocklayout: move extent processing to blocklayout.c (bnc#898675).
- pnfs/blocklayout: plug block queues (bnc#898675).
- pnfs/blocklayout: refactor extent processing (bnc#898675).
- pnfs/blocklayout: reject pnfs blocksize larger than page size
(bnc#898675).
- pNFS/blocklayout: Remove a couple of unused variables (bnc#898675).
- pnfs/blocklayout: remove read-modify-write handling in bl_write_pagelist
(bnc#898675).
- pnfs/blocklayout: remove some debugging (bnc#898675).
- pnfs/blocklayout: return layouts on setattr (bnc#898675).
- pnfs/blocklayout: rewrite extent tracking (bnc#898675).
- pnfs/blocklayout: use the device id cache (bnc#898675).
- pnfs: do not check sequence on new stateids in layoutget (bnc#898675).
- pnfs: do not pass uninitialized lsegs to ->free_lseg (bnc#898675).
- pnfs: enable CB_NOTIFY_DEVICEID support (bnc#898675).
- pnfs: factor GETDEVICEINFO implementations (bnc#898675).
- pnfs: force a layout commit when encountering busy segments during
recall (bnc#898675).
- pnfs: remove GETDEVICELIST implementation (bnc#898675).
- pnfs: retry after a bad stateid error from layoutget (bnc#898675).
- powerpc: add running_clock for powerpc to prevent spurious softlockup
warnings (bsc#919939).
- powerpc/pseries: Fix endian problems with LE migration (bsc#918584).
- remove cgroup_mutex around deactivate_super because it might be
dangerous.
- rtmutex: Document pi chain walk (mutex scalability).
- rtmutex: No need to keep task ref for lock owner check (mutex
scalability).
- rtmutex: Simplify rtmutex_slowtrylock() (mutex scalability).
- rtnetlink: fix a memory leak when ->newlink fails (bnc#915660).
- sched: Change thread_group_cputime() to use for_each_thread() (Time
scalability).
- sched: replace INIT_COMPLETION with reinit_completion.
- sched, time: Atomically increment stime & utime (Time scalability).
- scsi: storvsc: Always send on the selected outgoing channel.
- scsi: storvsc: Do not assume that the scatterlist is not chained.
- scsi: storvsc: Enable clustering.
- scsi: storvsc: Fix a bug in copy_from_bounce_buffer().
- scsi: storvsc: Increase the ring buffer size.
- scsi: storvsc: Retrieve information about the capability of the target.
- scsi: storvsc: Set the tablesize based on the information given by the
host.
- scsi: storvsc: Size the queue depth based on the ringbuffer size.
- storvsc: fix a bug in storvsc limits.
- storvsc: force discovery of LUNs that may have been removed.
- storvsc: force SPC-3 compliance on win8 and win8 r2 hosts.
- storvsc: in responce to a scan event, scan the host.
- take read_seqbegin_or_lock() and friends to seqlock.h (Time scalability).
- tcp: prevent fetching dst twice in early demux code (bnc#903997
bnc#919719).
- time, signal: Protect resource use statistics with seqlock -kabi (Time
scalability).
- time, signal: Protect resource use statistics with seqlock (Time
scalability).
- udp: only allow UFO for packets from SOCK_DGRAM sockets (bnc#909309).
- Update Xen patches to 3.12.39.
- virtio: rng: add derating factor for use by hwrng core (bsc#918615).
- x86, AVX-512: AVX-512 Feature Detection (bsc#921527).
- x86, AVX-512: Enable AVX-512 States Context Switch (bsc#921527).
- xenbus: add proper handling of XS_ERROR from Xenbus for transactions.
- xfs: xfs_alloc_fix_minleft can underflow near ENOSPC (bnc#913080).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12:
zypper in -t patch SUSE-SLE-WE-12-2015-152=1
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2015-152=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2015-152=1
- SUSE Linux Enterprise Module for Public Cloud 12:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-152=1
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2015-152=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-152=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12 (x86_64):
kernel-default-debuginfo-3.12.39-47.1
kernel-default-debugsource-3.12.39-47.1
kernel-default-extra-3.12.39-47.1
kernel-default-extra-debuginfo-3.12.39-47.1
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
kernel-obs-build-3.12.39-47.2
kernel-obs-build-debugsource-3.12.39-47.2
- SUSE Linux Enterprise Software Development Kit 12 (noarch):
kernel-docs-3.12.39-47.3
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
kernel-default-3.12.39-47.1
kernel-default-base-3.12.39-47.1
kernel-default-base-debuginfo-3.12.39-47.1
kernel-default-debuginfo-3.12.39-47.1
kernel-default-debugsource-3.12.39-47.1
kernel-default-devel-3.12.39-47.1
kernel-syms-3.12.39-47.1
- SUSE Linux Enterprise Server 12 (x86_64):
kernel-xen-3.12.39-47.1
kernel-xen-base-3.12.39-47.1
kernel-xen-base-debuginfo-3.12.39-47.1
kernel-xen-debuginfo-3.12.39-47.1
kernel-xen-debugsource-3.12.39-47.1
kernel-xen-devel-3.12.39-47.1
- SUSE Linux Enterprise Server 12 (noarch):
kernel-devel-3.12.39-47.1
kernel-macros-3.12.39-47.1
kernel-source-3.12.39-47.1
- SUSE Linux Enterprise Server 12 (s390x):
kernel-default-man-3.12.39-47.1
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
kernel-ec2-3.12.39-47.1
kernel-ec2-debuginfo-3.12.39-47.1
kernel-ec2-debugsource-3.12.39-47.1
kernel-ec2-devel-3.12.39-47.1
kernel-ec2-extra-3.12.39-47.1
kernel-ec2-extra-debuginfo-3.12.39-47.1
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_39-47-default-1-2.1
kgraft-patch-3_12_39-47-xen-1-2.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
kernel-default-3.12.39-47.1
kernel-default-debuginfo-3.12.39-47.1
kernel-default-debugsource-3.12.39-47.1
kernel-default-devel-3.12.39-47.1
kernel-default-extra-3.12.39-47.1
kernel-default-extra-debuginfo-3.12.39-47.1
kernel-syms-3.12.39-47.1
kernel-xen-3.12.39-47.1
kernel-xen-debuginfo-3.12.39-47.1
kernel-xen-debugsource-3.12.39-47.1
kernel-xen-devel-3.12.39-47.1
- SUSE Linux Enterprise Desktop 12 (noarch):
kernel-devel-3.12.39-47.1
kernel-macros-3.12.39-47.1
kernel-source-3.12.39-47.1
References:
https://www.suse.com/security/cve/CVE-2015-0777.html
https://www.suse.com/security/cve/CVE-2015-2150.html
https://bugzilla.suse.com/898675
https://bugzilla.suse.com/903997
https://bugzilla.suse.com/904242
https://bugzilla.suse.com/909309
https://bugzilla.suse.com/909477
https://bugzilla.suse.com/909684
https://bugzilla.suse.com/910517
https://bugzilla.suse.com/913080
https://bugzilla.suse.com/914818
https://bugzilla.suse.com/915200
https://bugzilla.suse.com/915660
https://bugzilla.suse.com/917830
https://bugzilla.suse.com/918584
https://bugzilla.suse.com/918615
https://bugzilla.suse.com/918620
https://bugzilla.suse.com/918644
https://bugzilla.suse.com/919463
https://bugzilla.suse.com/919719
https://bugzilla.suse.com/919939
https://bugzilla.suse.com/920615
https://bugzilla.suse.com/920805
https://bugzilla.suse.com/920839
https://bugzilla.suse.com/921313
https://bugzilla.suse.com/921527
https://bugzilla.suse.com/921990
https://bugzilla.suse.com/922272
https://bugzilla.suse.com/922275
https://bugzilla.suse.com/922278
https://bugzilla.suse.com/922284
https://bugzilla.suse.com/924460
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org