openSUSE Security Announce
Threads by month
- ----- 2024 -----
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
August 2016
- 1 participants
- 57 discussions
[security-announce] SUSE-SU-2016:2195-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 30 Aug '16
by opensuse-security@opensuse.org 30 Aug '16
30 Aug '16
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2195-1
Rating: important
References: #989196 #990628 #990856 #991809
Cross-References: CVE-2016-2830 CVE-2016-2835 CVE-2016-2836
CVE-2016-2837 CVE-2016-2838 CVE-2016-2839
CVE-2016-5252 CVE-2016-5254 CVE-2016-5258
CVE-2016-5259 CVE-2016-5262 CVE-2016-5263
CVE-2016-5264 CVE-2016-5265 CVE-2016-6354
Affected Products:
SUSE OpenStack Cloud 5
SUSE Manager Proxy 2.1
SUSE Manager 2.1
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-SP3-LTSS
SUSE Linux Enterprise Point of Sale 11-SP3
SUSE Linux Enterprise Debuginfo 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________
An update that fixes 15 vulnerabilities is now available.
Description:
MozillaFirefox was updated to 45.3.0 ESR to fix the following issues
(bsc#991809):
* MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety
hazards (rv:48.0 / rv:45.3)
* MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when
page is closed
* MFSA 2016-64/CVE-2016-2838 Buffer overflow rendering SVG with
bidirectional content
* MFSA 2016-65/CVE-2016-2839 Cairo rendering crash due to memory
allocation issue with FFmpeg 0.10
* MFSA 2016-67/CVE-2016-5252 Stack underflow during 2D graphics rendering
* MFSA 2016-70/CVE-2016-5254 Use-after-free when using alt key and
toplevel menus
* MFSA 2016-72/CVE-2016-5258 Use-after-free in DTLS during WebRTC session
shutdown
* MFSA 2016-73/CVE-2016-5259 Use-after-free in service workers with nested
sync events
* MFSA 2016-76/CVE-2016-5262 Scripts on marquee tag can execute in
sandboxed iframes
* MFSA 2016-77/CVE-2016-2837 Buffer overflow in ClearKey Content
Decryption Module (CDM) during video playback
* MFSA 2016-78/CVE-2016-5263 Type confusion in display transformation
* MFSA 2016-79/CVE-2016-5264 Use-after-free when applying SVG effects
* MFSA 2016-80/CVE-2016-5265 Same-origin policy violation using local HTML
file and saved shortcut file
* CVE-2016-6354: Fix for possible buffer overrun (bsc#990856)
Also a temporary workaround was added:
- Temporarily bind Firefox to the first CPU as a hotfix for an apparent
race condition (bsc#989196, bsc#990628)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud 5:
zypper in -t patch sleclo50sp3-MozillaFirefox-12722=1
- SUSE Manager Proxy 2.1:
zypper in -t patch slemap21-MozillaFirefox-12722=1
- SUSE Manager 2.1:
zypper in -t patch sleman21-MozillaFirefox-12722=1
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-MozillaFirefox-12722=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-MozillaFirefox-12722=1
- SUSE Linux Enterprise Server 11-SP3-LTSS:
zypper in -t patch slessp3-MozillaFirefox-12722=1
- SUSE Linux Enterprise Point of Sale 11-SP3:
zypper in -t patch sleposp3-MozillaFirefox-12722=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-MozillaFirefox-12722=1
- SUSE Linux Enterprise Debuginfo 11-SP3:
zypper in -t patch dbgsp3-MozillaFirefox-12722=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE OpenStack Cloud 5 (x86_64):
MozillaFirefox-45.3.0esr-50.1
MozillaFirefox-translations-45.3.0esr-50.1
- SUSE Manager Proxy 2.1 (x86_64):
MozillaFirefox-45.3.0esr-50.1
MozillaFirefox-translations-45.3.0esr-50.1
- SUSE Manager 2.1 (s390x x86_64):
MozillaFirefox-45.3.0esr-50.1
MozillaFirefox-translations-45.3.0esr-50.1
- SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):
MozillaFirefox-devel-45.3.0esr-50.1
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
MozillaFirefox-45.3.0esr-50.1
MozillaFirefox-translations-45.3.0esr-50.1
- SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64):
MozillaFirefox-45.3.0esr-50.1
MozillaFirefox-translations-45.3.0esr-50.1
- SUSE Linux Enterprise Point of Sale 11-SP3 (i586):
MozillaFirefox-45.3.0esr-50.1
MozillaFirefox-translations-45.3.0esr-50.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
MozillaFirefox-debuginfo-45.3.0esr-50.1
MozillaFirefox-debugsource-45.3.0esr-50.1
- SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):
MozillaFirefox-debuginfo-45.3.0esr-50.1
MozillaFirefox-debugsource-45.3.0esr-50.1
References:
https://www.suse.com/security/cve/CVE-2016-2830.html
https://www.suse.com/security/cve/CVE-2016-2835.html
https://www.suse.com/security/cve/CVE-2016-2836.html
https://www.suse.com/security/cve/CVE-2016-2837.html
https://www.suse.com/security/cve/CVE-2016-2838.html
https://www.suse.com/security/cve/CVE-2016-2839.html
https://www.suse.com/security/cve/CVE-2016-5252.html
https://www.suse.com/security/cve/CVE-2016-5254.html
https://www.suse.com/security/cve/CVE-2016-5258.html
https://www.suse.com/security/cve/CVE-2016-5259.html
https://www.suse.com/security/cve/CVE-2016-5262.html
https://www.suse.com/security/cve/CVE-2016-5263.html
https://www.suse.com/security/cve/CVE-2016-5264.html
https://www.suse.com/security/cve/CVE-2016-5265.html
https://www.suse.com/security/cve/CVE-2016-6354.html
https://bugzilla.suse.com/989196
https://bugzilla.suse.com/990628
https://bugzilla.suse.com/990856
https://bugzilla.suse.com/991809
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2016:2184-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 29 Aug '16
by opensuse-security@opensuse.org 29 Aug '16
29 Aug '16
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2016:2184-1
Rating: important
References: #947337 #950998 #951844 #953048 #954847 #956491
#957990 #962742 #963655 #963762 #965087 #966245
#968667 #970114 #970506 #971770 #972933 #973378
#973499 #974165 #974308 #974620 #975531 #975533
#975772 #975788 #977417 #978401 #978469 #978822
#979213 #979419 #979485 #979489 #979521 #979548
#979681 #979867 #979879 #979922 #980348 #980363
#980371 #981038 #981143 #981344 #982282 #982354
#982544 #982698 #983143 #983213 #983318 #983721
#983904 #983977 #984148 #984456 #984755 #985232
#985978 #986362 #986365 #986569 #986572 #986811
#988215 #988498 #988552 #990058
Cross-References: CVE-2014-9904 CVE-2015-7833 CVE-2015-8551
CVE-2015-8552 CVE-2015-8845 CVE-2016-0758
CVE-2016-1583 CVE-2016-2053 CVE-2016-3672
CVE-2016-4470 CVE-2016-4482 CVE-2016-4486
CVE-2016-4565 CVE-2016-4569 CVE-2016-4578
CVE-2016-4805 CVE-2016-4997 CVE-2016-4998
CVE-2016-5244 CVE-2016-5828 CVE-2016-5829
Affected Products:
openSUSE 13.1
______________________________________________________________________________
An update that solves 21 vulnerabilities and has 49 fixes
is now available.
Description:
The openSUSE 13.1 kernel was updated to 3.12.62 to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2014-9904: The snd_compress_check_input function in
sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel
did not properly check for an integer overflow, which allowed local
users to cause a denial of service (insufficient memory allocation) or
possibly have unspecified other impact via a crafted
SNDRV_COMPRESS_SET_PARAMS ioctl call (bnc#986811).
- CVE-2015-7833: The usbvision driver in the Linux kernel allowed
physically proximate attackers to cause a denial of service (panic) via
a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998).
- CVE-2015-8551: The PCI backend driver in Xen, when running on an x86
system and using Linux 3.1.x through 4.3.x as the driver domain, allowed
local guest administrators to hit BUG conditions and cause a denial of
service (NULL pointer dereference and host OS crash) by leveraging a
system with access to a passed-through MSI or MSI-X capable physical PCI
device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux
pciback missing sanity checks (bnc#957990).
- CVE-2015-8552: The PCI backend driver in Xen, when running on an x86
system and using Linux 3.1.x through 4.3.x as the driver domain, allowed
local guest administrators to generate a continuous stream of WARN
messages and cause a denial of service (disk consumption) by leveraging
a system with access to a passed-through MSI or MSI-X capable physical
PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback
missing sanity checks (bnc#957990).
- CVE-2015-8845: The tm_reclaim_thread function in
arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms
did not ensure that TM suspend mode exists before proceeding with a
tm_reclaim call, which allowed local users to cause a denial of service
(TM Bad Thing exception and panic) via a crafted application (bnc#975531
bsc#975533).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux
kernel allowed local users to gain privileges via crafted ASN.1 data
(bnc#979867).
- CVE-2016-1583: The ecryptfs_privileged_open function in
fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain
privileges or cause a denial of service (stack memory consumption) via
vectors involving crafted mmap calls for /proc pathnames, leading to
recursive pagefault handling. (bsc#983143)
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in
the Linux kernel allowed attackers to cause a denial of service (panic)
via an ASN.1 BER file that lacks a public key, leading to mishandling by
the public_key_verify_signature function in
crypto/asymmetric_keys/public_key.c (bnc#963762).
- CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c
in the Linux kernel did not properly randomize the legacy base address,
which made it easier for local users to defeat the intended restrictions
on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism
for a setuid or setgid program, by disabling stack-consumption resource
limits (bnc#974308).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c
in the Linux kernel did not ensure that a certain data structure is
initialized, which allowed local users to cause a denial of service
(system crash) via vectors involving a crafted keyctl request2 command
(bnc#984755).
- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via a crafted USBDEVFS_CONNECTINFO ioctl call. (bnc#978401)
- CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory by reading a Netlink message (bnc#978822).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel
incorrectly relies on the write system call, which allowed local users
to cause a denial of service (kernel memory write operation) or possibly
have unspecified other impact via a uAPI interface (bnc#979548
bsc#980363).
- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via crafted use of the ALSA timer interface. (bsc#979213)
- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize
certain r1 data structures, which allowed local users to obtain
sensitive information from kernel stack memory via crafted use of the
ALSA timer interface, related to the (1) snd_timer_user_ccallback and
(2) snd_timer_user_tinterrupt functions (bnc#979879).
- CVE-2016-4805: Use-after-free vulnerability in
drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to
cause a denial of service (memory corruption and system crash, or
spinlock) or possibly have unspecified other impact by removing a
network namespace, related to the ppp_register_net_channel and
ppp_unregister_channel functions (bnc#980371).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation
in the netfilter subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (memory corruption) by
leveraging in-container root access to provide a crafted offset value
that triggers an unintended decrement (bnc#986362).
- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the
netfilter subsystem in the Linux kernel before 4.6 allows local users to
cause a denial of service (out-of-bounds read) or possibly obtain
sensitive information from kernel heap memory by leveraging in-container
root access to provide a crafted offset value that leads to crossing a
ruleset blob boundary. (bnc#986365).
- CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the
Linux kernel did not initialize a certain structure member, which
allowed remote attackers to obtain sensitive information from kernel
stack memory by reading an RDS message (bnc#983213).
- CVE-2016-5828: The start_thread function in
arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms
mishandled transactional state, which allowed local users to cause a
denial of service (invalid process state or TM Bad Thing exception, and
system crash) or possibly have unspecified other impact by starting and
suspending a transaction before an exec system call. (bsc#986569)
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allow local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bnc#986572).
The following non-security bugs were fixed:
- Add wait_event_cmd() (bsc#953048).
- alsa: hrtimer: Handle start/stop more properly (bsc#973378).
- base: make module_create_drivers_dir race-free (bnc#983977).
- btrfs: be more precise on errors when getting an inode from disk
(bsc#981038).
- btrfs: do not use src fd for printk (bsc#980348).
- btrfs: improve performance on fsync against new inode after
rename/unlink (bsc#981038).
- btrfs: qgroup: Fix qgroup accounting when creating snapshot (bsc#972933).
- btrfs: serialize subvolume mounts with potentially mismatching rw flags
(bsc#951844).
- cdc_ncm: workaround for EM7455 "silent" data interface (bnc#988552).
- ceph: tolerate bad i_size for symlink inode (bsc#985232).
- drm/mgag200: Add support for a new G200eW3 chipset (bsc#983904).
- drm/mgag200: Add support for a new rev of G200e (bsc#983904).
- drm/mgag200: Black screen fix for G200e rev 4 (bsc#983904).
- drm/mgag200: remove unused variables (bsc#983904).
- drm: qxl: Workaround for buggy user-space (bsc#981344).
- EDAC: Correct channel count limit (bsc#979521).
- EDAC: Remove arbitrary limit on number of channels (bsc#979521).
- EDAC, sb_edac: Add support for duplicate device IDs (bsc#979521).
- EDAC/sb_edac: Fix computation of channel address (bsc#979521).
- EDAC, sb_edac: Fix rank lookup on Broadwell (bsc#979521).
- EDAC, sb_edac: Fix TAD presence check for sbridge_mci_bind_devs()
(bsc#979521).
- EDAC: Use static attribute groups for managing sysfs entries
(bsc#979521).
- efifb: Add support for 64-bit frame buffer addresses (bsc#973499).
- efifb: Fix 16 color palette entry calculation (bsc#983318).
- efifb: Fix KABI of screen_info struct (bsc#973499).
- ehci-pci: enable interrupt on BayTrail (bnc#947337).
- enic: set netdev->vlan_features (bsc#966245).
- fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
- hid-elo: kill not flush the work (bnc#982354).
- iommu/vt-d: Enable QI on all IOMMUs before setting root entry
(bsc#975772).
- ipvs: count pre-established TCP states as active (bsc#970114).
- kabi: prevent spurious modversion changes after bsc#982544 fix
(bsc#982544).
- kabi/severities: Added raw3270_* PASS to allow IBM LTC changes.
(bnc#979922, LTC#141736)
- ktime: make ktime_divns exported on 32-bit architectures.
- md: be careful when testing resync_max against curr_resync_completed
(bsc#953048).
- md: do_release_stripe(): No need to call md_wakeup_thread() twice
(bsc#953048).
- md: make sure MD_RECOVERY_DONE is clear before starting recovery/resync
(bsc#953048).
- md/raid56: Do not perform reads to support writes until stripe is ready.
- md/raid5: add handle_flags arg to break_stripe_batch_list (bsc#953048).
- md/raid5: allow the stripe_cache to grow and shrink (bsc#953048).
- md/raid5: always set conf->prev_chunk_sectors and ->prev_algo
(bsc#953048).
- md/raid5: avoid races when changing cache size (bsc#953048).
- md/raid5: avoid reading parity blocks for full-stripe write to degraded
array (bsc#953048).
- md/raid5: be more selective about distributing flags across batch
(bsc#953048).
- md/raid5: break stripe-batches when the array has failed (bsc#953048).
- md/raid5: call break_stripe_batch_list from handle_stripe_clean_event
(bsc#953048).
- md/raid5: change ->inactive_blocked to a bit-flag (bsc#953048).
- md/raid5: clear R5_NeedReplace when no longer needed (bsc#953048).
- md/raid5: close race between STRIPE_BIT_DELAY and batching (bsc#953048).
- md/raid5: close recently introduced race in stripe_head management.
- md/raid5: consider updating reshape_position at start of reshape
(bsc#953048).
- md/raid5: deadlock between retry_aligned_read with barrier io
(bsc#953048).
- md/raid5: do not do chunk aligned read on degraded array (bsc#953048).
- md/raid5: do not index beyond end of array in need_this_block()
(bsc#953048).
- md/raid5: do not let shrink_slab shrink too far (bsc#953048).
- md/raid5: duplicate some more handle_stripe_clean_event code in
break_stripe_batch_list (bsc#953048).
- md/raid5: Ensure a batch member is not handled prematurely (bsc#953048).
- md/raid5: ensure device failure recorded before write request returns
(bsc#953048).
- md/raid5: ensure whole batch is delayed for all required bitmap updates
(bsc#953048).
- md/raid5: fix allocation of 'scribble' array (bsc#953048).
- md/raid5: fix another livelock caused by non-aligned writes (bsc#953048).
- md/raid5: fix handling of degraded stripes in batches (bsc#953048).
- md/raid5: fix init_stripe() inconsistencies (bsc#953048).
- md/raid5: fix locking in handle_stripe_clean_event() (bsc#953048).
- md/raid5: fix newly-broken locking in get_active_stripe.
- md/raid5: For stripe with R5_ReadNoMerge, we replace REQ_FLUSH with
REQ_NOMERGE.
- md/raid5: handle possible race as reshape completes (bsc#953048).
- md/raid5: ignore released_stripes check (bsc#953048).
- md/raid5: more incorrect BUG_ON in handle_stripe_fill (bsc#953048).
- md/raid5: move max_nr_stripes management into grow_one_stripe and
drop_one_stripe (bsc#953048).
- md/raid5: need_this_block: start simplifying the last two conditions
(bsc#953048).
- md/raid5: need_this_block: tidy/fix last condition (bsc#953048).
- md/raid5: new alloc_stripe() to allocate an initialize a stripe
(bsc#953048).
- md/raid5: pass gfp_t arg to grow_one_stripe() (bsc#953048).
- md/raid5: per hash value and exclusive wait_for_stripe (bsc#953048).
- md/raid5: preserve STRIPE_PREREAD_ACTIVE in break_stripe_batch_list.
- md/raid5: remove condition test from check_break_stripe_batch_list
(bsc#953048).
- md/raid5: remove incorrect "min_t()" when calculating writepos
(bsc#953048).
- md/raid5: remove redundant check in stripe_add_to_batch_list()
(bsc#953048).
- md/raid5: separate large if clause out of fetch_block() (bsc#953048).
- md/raid5: separate out the easy conditions in need_this_block
(bsc#953048).
- md/raid5: split wait_for_stripe and introduce wait_for_quiescent
(bsc#953048).
- md/raid5: strengthen check on reshape_position at run (bsc#953048).
- md/raid5: switch to use conf->chunk_sectors in place of
mddev->chunk_sectors where possible (bsc#953048).
- md/raid5: use bio_list for the list of bios to return (bsc#953048).
- md/raid5: use ->lock to protect accessing raid5 sysfs attributes
(bsc#953048).
- md: remove unwanted white space from md.c (bsc#953048).
- md: use set_bit/clear_bit instead of shift/mask for bi_flags changes
(bsc#953048).
- mm: increase safety margin provided by PF_LESS_THROTTLE (bsc#956491).
- mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721).
- net: Account for all vlan headers in skb_mac_gso_segment (bsc#968667).
- net: disable fragment reassembly if high_thresh is set to zero
(bsc#970506).
- netfilter: bridge: do not leak skb in error paths (bsc#982544).
- netfilter: bridge: forward IPv6 fragmented packets (bsc#982544).
- netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in
br_validate_ipv6 (bsc#982544).
- net: fix wrong mac_len calculation for vlans (bsc#968667).
- net/qlge: Avoids recursive EEH error (bsc#954847).
- net: Start with correct mac_len in skb_network_protocol (bsc#968667).
- nvme: don't poll the CQ from the kthread (bsc#975788, bsc#965087).
- PCI/AER: Clear error status registers during enumeration and restore
(bsc#985978).
- perf/rapl: Fix sysfs_show() initialization for RAPL PMU (bsc#979489).
- perf/x86/intel: Add Intel RAPL PP1 energy counter support (bsc#979489).
- ppp: defer netns reference release for ppp channel (bsc#980371).
- qeth: delete napi struct when removing a qeth device (bnc#988215,
LTC#143590).
- raid5: add a new flag to track if a stripe can be batched (bsc#953048).
- raid5: add an option to avoid copy data from bio to stripe cache
(bsc#953048).
- raid5: avoid release list until last reference of the stripe
(bsc#953048).
- raid5: batch adjacent full stripe write (bsc#953048).
- raid5: check faulty flag for array status during recovery (bsc#953048).
- RAID5: check_reshape() shouldn't call mddev_suspend (bsc#953048).
- raid5: fix a race of stripe count check.
- raid5: fix broken async operation chain (bsc#953048).
- raid5: get_active_stripe avoids device_lock.
- raid5: handle expansion/resync case with stripe batching (bsc#953048).
- raid5: handle io error of batch list (bsc#953048).
- raid5: make_request does less prepare wait.
- raid5: relieve lock contention in get_active_stripe().
- raid5: relieve lock contention in get_active_stripe().
- raid5: Retry R5_ReadNoMerge flag when hit a read error.
- RAID5: revert e9e4c377e2f563 to fix a livelock (bsc#953048).
- raid5: speedup sync_request processing (bsc#953048).
- raid5: track overwrite disk count (bsc#953048).
- raid5: update analysis state for failed stripe (bsc#953048).
- raid5: use flex_array for scribble data (bsc#953048).
- Refresh patches.xen/xen-netback-coalesce: Restore copying of SKBs with
head exceeding page size (bsc#978469).
- s390/3270: add missing tty_kref_put (bnc#979922, LTC#141736).
- s390/3270: avoid endless I/O loop with disconnected 3270 terminals
(bnc#979922, LTC#141736).
- s390/3270: fix garbled output on 3270 tty view (bnc#979922, LTC#141736).
- s390/3270: fix view reference counting (bnc#979922, LTC#141736).
- s390/3270: handle reconnect of a tty with a different size (bnc#979922,
LTC#141736).
- s390/3270: hangup the 3270 tty after a disconnect (bnc#979922,
LTC#141736).
- s390: fix test_fp_ctl inline assembly contraints (bnc#988215,
LTC#143138).
- s390/mm: fix asce_bits handling with dynamic pagetable levels
(bnc#979922, LTC#141456).
- s390/spinlock: avoid yield to non existent cpu (bnc#979922, LTC#141106).
- sb_edac: correctly fetch DIMM width on Ivy Bridge and Haswell
(bsc#979521).
- sb_edac: Fix a typo and a thinko in address handling for Haswell
(bsc#979521).
- sb_edac: Fix support for systems with two home agents per socket
(bsc#979521).
- sb_edac: look harder for DDRIO on Haswell systems (bsc#979521).
- sb_edac: support for Broadwell -EP and -EX (bsc#979521).
- sched/cputime: Fix clock_nanosleep()/clock_gettime() inconsistency
(bnc#988498).
- sched/cputime: Fix cpu_timer_sample_group() double accounting
(bnc#988498).
- sched: Provide update_curr callbacks for stop/idle scheduling classes
(bnc#988498).
- sched/x86: Fix up typo in topology detection (bsc#974165).
- scsi: Increase REPORT_LUNS timeout (bsc#982282).
- series.conf: move netfilter section at the end of core networking
- series.conf: move stray netfilter patches to the right section
- target/rbd: do not put snap_context twice (bsc#981143).
- target/rbd: remove caw_mutex usage (bsc#981143).
- Update
patches.drivers/0001-nvme-fix-max_segments-integer-truncation.patch
(bsc#979419). Fix reference.
- Update
patches.drivers/nvme-0106-init-nvme-queue-before-enabling-irq.patch
(bsc#962742). Fix incorrect bugzilla referece.
- usb: quirk to stop runtime PM for Intel 7260 (bnc#984456).
- usb: xhci: Add broken streams quirk for Frescologic device id 1009
(bnc#982698).
- VSOCK: Fix lockdep issue (bsc#977417).
- VSOCK: sock_put wasn't safe to call in interrupt context (bsc#977417).
- wait: introduce wait_event_exclusive_cmd (bsc#953048).
- x86 EDAC, sb_edac.c: Repair damage introduced when "fixing" channel
address (bsc#979521).
- x86 EDAC, sb_edac.c: Take account of channel hashing when needed
(bsc#979521).
- x86/efi: parse_efi_setup() build fix (bsc#979485).
- x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
- x86: Removed the free memblock of hibernat keys to avoid memory
corruption (bsc#990058).
- x86, sched: Add new topology for multi-NUMA-node CPUs (bsc#974165).
- x86: standardize mmap_rnd() usage (bnc#974308).
- xen: fix i586 build after SLE12-SP1 commit 2f4c3ff45d5e.
- xfs: fix premature enospc on inode allocation (bsc#984148).
- xfs: get rid of XFS_IALLOC_BLOCKS macros (bsc#984148).
- xfs: get rid of XFS_INODE_CLUSTER_SIZE macros (bsc#984148).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch openSUSE-2016-1029=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.1 (i586 x86_64):
cloop-2.639-11.32.2
cloop-debuginfo-2.639-11.32.2
cloop-debugsource-2.639-11.32.2
cloop-kmp-default-2.639_k3.12.62_52-11.32.2
cloop-kmp-default-debuginfo-2.639_k3.12.62_52-11.32.2
cloop-kmp-desktop-2.639_k3.12.62_52-11.32.2
cloop-kmp-desktop-debuginfo-2.639_k3.12.62_52-11.32.2
cloop-kmp-xen-2.639_k3.12.62_52-11.32.2
cloop-kmp-xen-debuginfo-2.639_k3.12.62_52-11.32.2
crash-7.0.2-2.32.7
crash-debuginfo-7.0.2-2.32.7
crash-debugsource-7.0.2-2.32.7
crash-devel-7.0.2-2.32.7
crash-doc-7.0.2-2.32.7
crash-eppic-7.0.2-2.32.7
crash-eppic-debuginfo-7.0.2-2.32.7
crash-gcore-7.0.2-2.32.7
crash-gcore-debuginfo-7.0.2-2.32.7
crash-kmp-default-7.0.2_k3.12.62_52-2.32.7
crash-kmp-default-debuginfo-7.0.2_k3.12.62_52-2.32.7
crash-kmp-desktop-7.0.2_k3.12.62_52-2.32.7
crash-kmp-desktop-debuginfo-7.0.2_k3.12.62_52-2.32.7
crash-kmp-xen-7.0.2_k3.12.62_52-2.32.7
crash-kmp-xen-debuginfo-7.0.2_k3.12.62_52-2.32.7
hdjmod-debugsource-1.28-16.32.2
hdjmod-kmp-default-1.28_k3.12.62_52-16.32.2
hdjmod-kmp-default-debuginfo-1.28_k3.12.62_52-16.32.2
hdjmod-kmp-desktop-1.28_k3.12.62_52-16.32.2
hdjmod-kmp-desktop-debuginfo-1.28_k3.12.62_52-16.32.2
hdjmod-kmp-xen-1.28_k3.12.62_52-16.32.2
hdjmod-kmp-xen-debuginfo-1.28_k3.12.62_52-16.32.2
ipset-6.21.1-2.36.2
ipset-debuginfo-6.21.1-2.36.2
ipset-debugsource-6.21.1-2.36.2
ipset-devel-6.21.1-2.36.2
ipset-kmp-default-6.21.1_k3.12.62_52-2.36.2
ipset-kmp-default-debuginfo-6.21.1_k3.12.62_52-2.36.2
ipset-kmp-desktop-6.21.1_k3.12.62_52-2.36.2
ipset-kmp-desktop-debuginfo-6.21.1_k3.12.62_52-2.36.2
ipset-kmp-xen-6.21.1_k3.12.62_52-2.36.2
ipset-kmp-xen-debuginfo-6.21.1_k3.12.62_52-2.36.2
iscsitarget-1.4.20.3-13.32.2
iscsitarget-debuginfo-1.4.20.3-13.32.2
iscsitarget-debugsource-1.4.20.3-13.32.2
iscsitarget-kmp-default-1.4.20.3_k3.12.62_52-13.32.2
iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.12.62_52-13.32.2
iscsitarget-kmp-desktop-1.4.20.3_k3.12.62_52-13.32.2
iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.12.62_52-13.32.2
iscsitarget-kmp-xen-1.4.20.3_k3.12.62_52-13.32.2
iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.12.62_52-13.32.2
kernel-default-3.12.62-52.1
kernel-default-base-3.12.62-52.1
kernel-default-base-debuginfo-3.12.62-52.1
kernel-default-debuginfo-3.12.62-52.1
kernel-default-debugsource-3.12.62-52.1
kernel-default-devel-3.12.62-52.1
kernel-syms-3.12.62-52.1
libipset3-6.21.1-2.36.2
libipset3-debuginfo-6.21.1-2.36.2
ndiswrapper-1.58-33.2
ndiswrapper-debuginfo-1.58-33.2
ndiswrapper-debugsource-1.58-33.2
ndiswrapper-kmp-default-1.58_k3.12.62_52-33.2
ndiswrapper-kmp-default-debuginfo-1.58_k3.12.62_52-33.2
ndiswrapper-kmp-desktop-1.58_k3.12.62_52-33.2
ndiswrapper-kmp-desktop-debuginfo-1.58_k3.12.62_52-33.2
openvswitch-1.11.0-0.39.3
openvswitch-controller-1.11.0-0.39.3
openvswitch-controller-debuginfo-1.11.0-0.39.3
openvswitch-debuginfo-1.11.0-0.39.3
openvswitch-debugsource-1.11.0-0.39.3
openvswitch-kmp-default-1.11.0_k3.12.62_52-0.39.3
openvswitch-kmp-default-debuginfo-1.11.0_k3.12.62_52-0.39.3
openvswitch-kmp-desktop-1.11.0_k3.12.62_52-0.39.3
openvswitch-kmp-desktop-debuginfo-1.11.0_k3.12.62_52-0.39.3
openvswitch-kmp-xen-1.11.0_k3.12.62_52-0.39.3
openvswitch-kmp-xen-debuginfo-1.11.0_k3.12.62_52-0.39.3
openvswitch-pki-1.11.0-0.39.3
openvswitch-switch-1.11.0-0.39.3
openvswitch-switch-debuginfo-1.11.0-0.39.3
openvswitch-test-1.11.0-0.39.3
pcfclock-0.44-258.33.2
pcfclock-debuginfo-0.44-258.33.2
pcfclock-debugsource-0.44-258.33.2
pcfclock-kmp-default-0.44_k3.12.62_52-258.33.2
pcfclock-kmp-default-debuginfo-0.44_k3.12.62_52-258.33.2
pcfclock-kmp-desktop-0.44_k3.12.62_52-258.33.2
pcfclock-kmp-desktop-debuginfo-0.44_k3.12.62_52-258.33.2
python-openvswitch-1.11.0-0.39.3
python-openvswitch-test-1.11.0-0.39.3
python-virtualbox-4.2.36-2.64.4
python-virtualbox-debuginfo-4.2.36-2.64.4
vhba-kmp-debugsource-20130607-2.32.2
vhba-kmp-default-20130607_k3.12.62_52-2.32.2
vhba-kmp-default-debuginfo-20130607_k3.12.62_52-2.32.2
vhba-kmp-desktop-20130607_k3.12.62_52-2.32.2
vhba-kmp-desktop-debuginfo-20130607_k3.12.62_52-2.32.2
vhba-kmp-xen-20130607_k3.12.62_52-2.32.2
vhba-kmp-xen-debuginfo-20130607_k3.12.62_52-2.32.2
virtualbox-4.2.36-2.64.4
virtualbox-debuginfo-4.2.36-2.64.4
virtualbox-debugsource-4.2.36-2.64.4
virtualbox-devel-4.2.36-2.64.4
virtualbox-guest-kmp-default-4.2.36_k3.12.62_52-2.64.4
virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.12.62_52-2.64.4
virtualbox-guest-kmp-desktop-4.2.36_k3.12.62_52-2.64.4
virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.12.62_52-2.64.4
virtualbox-guest-tools-4.2.36-2.64.4
virtualbox-guest-tools-debuginfo-4.2.36-2.64.4
virtualbox-guest-x11-4.2.36-2.64.4
virtualbox-guest-x11-debuginfo-4.2.36-2.64.4
virtualbox-host-kmp-default-4.2.36_k3.12.62_52-2.64.4
virtualbox-host-kmp-default-debuginfo-4.2.36_k3.12.62_52-2.64.4
virtualbox-host-kmp-desktop-4.2.36_k3.12.62_52-2.64.4
virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.12.62_52-2.64.4
virtualbox-qt-4.2.36-2.64.4
virtualbox-qt-debuginfo-4.2.36-2.64.4
virtualbox-websrv-4.2.36-2.64.4
virtualbox-websrv-debuginfo-4.2.36-2.64.4
xen-debugsource-4.3.4_10-65.3
xen-devel-4.3.4_10-65.3
xen-kmp-default-4.3.4_10_k3.12.62_52-65.3
xen-kmp-default-debuginfo-4.3.4_10_k3.12.62_52-65.3
xen-kmp-desktop-4.3.4_10_k3.12.62_52-65.3
xen-kmp-desktop-debuginfo-4.3.4_10_k3.12.62_52-65.3
xen-libs-4.3.4_10-65.3
xen-libs-debuginfo-4.3.4_10-65.3
xen-tools-domU-4.3.4_10-65.3
xen-tools-domU-debuginfo-4.3.4_10-65.3
xtables-addons-2.3-2.31.2
xtables-addons-debuginfo-2.3-2.31.2
xtables-addons-debugsource-2.3-2.31.2
xtables-addons-kmp-default-2.3_k3.12.62_52-2.31.2
xtables-addons-kmp-default-debuginfo-2.3_k3.12.62_52-2.31.2
xtables-addons-kmp-desktop-2.3_k3.12.62_52-2.31.2
xtables-addons-kmp-desktop-debuginfo-2.3_k3.12.62_52-2.31.2
xtables-addons-kmp-xen-2.3_k3.12.62_52-2.31.2
xtables-addons-kmp-xen-debuginfo-2.3_k3.12.62_52-2.31.2
- openSUSE 13.1 (i686 x86_64):
kernel-debug-3.12.62-52.1
kernel-debug-base-3.12.62-52.1
kernel-debug-base-debuginfo-3.12.62-52.1
kernel-debug-debuginfo-3.12.62-52.1
kernel-debug-debugsource-3.12.62-52.1
kernel-debug-devel-3.12.62-52.1
kernel-debug-devel-debuginfo-3.12.62-52.1
kernel-desktop-3.12.62-52.1
kernel-desktop-base-3.12.62-52.1
kernel-desktop-base-debuginfo-3.12.62-52.1
kernel-desktop-debuginfo-3.12.62-52.1
kernel-desktop-debugsource-3.12.62-52.1
kernel-desktop-devel-3.12.62-52.1
kernel-ec2-3.12.62-52.1
kernel-ec2-base-3.12.62-52.1
kernel-ec2-base-debuginfo-3.12.62-52.1
kernel-ec2-debuginfo-3.12.62-52.1
kernel-ec2-debugsource-3.12.62-52.1
kernel-ec2-devel-3.12.62-52.1
kernel-trace-3.12.62-52.1
kernel-trace-base-3.12.62-52.1
kernel-trace-base-debuginfo-3.12.62-52.1
kernel-trace-debuginfo-3.12.62-52.1
kernel-trace-debugsource-3.12.62-52.1
kernel-trace-devel-3.12.62-52.1
kernel-vanilla-3.12.62-52.1
kernel-vanilla-debuginfo-3.12.62-52.1
kernel-vanilla-debugsource-3.12.62-52.1
kernel-vanilla-devel-3.12.62-52.1
kernel-xen-3.12.62-52.1
kernel-xen-base-3.12.62-52.1
kernel-xen-base-debuginfo-3.12.62-52.1
kernel-xen-debuginfo-3.12.62-52.1
kernel-xen-debugsource-3.12.62-52.1
kernel-xen-devel-3.12.62-52.1
- openSUSE 13.1 (noarch):
kernel-devel-3.12.62-52.1
kernel-docs-3.12.62-52.2
kernel-macros-3.12.62-52.1
kernel-source-3.12.62-52.1
kernel-source-vanilla-3.12.62-52.1
virtualbox-host-source-4.2.36-2.64.4
- openSUSE 13.1 (x86_64):
xen-4.3.4_10-65.3
xen-doc-html-4.3.4_10-65.3
xen-libs-32bit-4.3.4_10-65.3
xen-libs-debuginfo-32bit-4.3.4_10-65.3
xen-tools-4.3.4_10-65.3
xen-tools-debuginfo-4.3.4_10-65.3
xen-xend-tools-4.3.4_10-65.3
xen-xend-tools-debuginfo-4.3.4_10-65.3
- openSUSE 13.1 (i586):
cloop-kmp-pae-2.639_k3.12.62_52-11.32.2
cloop-kmp-pae-debuginfo-2.639_k3.12.62_52-11.32.2
crash-kmp-pae-7.0.2_k3.12.62_52-2.32.7
crash-kmp-pae-debuginfo-7.0.2_k3.12.62_52-2.32.7
hdjmod-kmp-pae-1.28_k3.12.62_52-16.32.2
hdjmod-kmp-pae-debuginfo-1.28_k3.12.62_52-16.32.2
ipset-kmp-pae-6.21.1_k3.12.62_52-2.36.2
ipset-kmp-pae-debuginfo-6.21.1_k3.12.62_52-2.36.2
iscsitarget-kmp-pae-1.4.20.3_k3.12.62_52-13.32.2
iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.12.62_52-13.32.2
ndiswrapper-kmp-pae-1.58_k3.12.62_52-33.2
ndiswrapper-kmp-pae-debuginfo-1.58_k3.12.62_52-33.2
openvswitch-kmp-pae-1.11.0_k3.12.62_52-0.39.3
openvswitch-kmp-pae-debuginfo-1.11.0_k3.12.62_52-0.39.3
pcfclock-kmp-pae-0.44_k3.12.62_52-258.33.2
pcfclock-kmp-pae-debuginfo-0.44_k3.12.62_52-258.33.2
vhba-kmp-pae-20130607_k3.12.62_52-2.32.2
vhba-kmp-pae-debuginfo-20130607_k3.12.62_52-2.32.2
virtualbox-guest-kmp-pae-4.2.36_k3.12.62_52-2.64.4
virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.12.62_52-2.64.4
virtualbox-host-kmp-pae-4.2.36_k3.12.62_52-2.64.4
virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.12.62_52-2.64.4
xen-kmp-pae-4.3.4_10_k3.12.62_52-65.3
xen-kmp-pae-debuginfo-4.3.4_10_k3.12.62_52-65.3
xtables-addons-kmp-pae-2.3_k3.12.62_52-2.31.2
xtables-addons-kmp-pae-debuginfo-2.3_k3.12.62_52-2.31.2
- openSUSE 13.1 (i686):
kernel-pae-3.12.62-52.1
kernel-pae-base-3.12.62-52.1
kernel-pae-base-debuginfo-3.12.62-52.1
kernel-pae-debuginfo-3.12.62-52.1
kernel-pae-debugsource-3.12.62-52.1
kernel-pae-devel-3.12.62-52.1
References:
https://www.suse.com/security/cve/CVE-2014-9904.html
https://www.suse.com/security/cve/CVE-2015-7833.html
https://www.suse.com/security/cve/CVE-2015-8551.html
https://www.suse.com/security/cve/CVE-2015-8552.html
https://www.suse.com/security/cve/CVE-2015-8845.html
https://www.suse.com/security/cve/CVE-2016-0758.html
https://www.suse.com/security/cve/CVE-2016-1583.html
https://www.suse.com/security/cve/CVE-2016-2053.html
https://www.suse.com/security/cve/CVE-2016-3672.html
https://www.suse.com/security/cve/CVE-2016-4470.html
https://www.suse.com/security/cve/CVE-2016-4482.html
https://www.suse.com/security/cve/CVE-2016-4486.html
https://www.suse.com/security/cve/CVE-2016-4565.html
https://www.suse.com/security/cve/CVE-2016-4569.html
https://www.suse.com/security/cve/CVE-2016-4578.html
https://www.suse.com/security/cve/CVE-2016-4805.html
https://www.suse.com/security/cve/CVE-2016-4997.html
https://www.suse.com/security/cve/CVE-2016-4998.html
https://www.suse.com/security/cve/CVE-2016-5244.html
https://www.suse.com/security/cve/CVE-2016-5828.html
https://www.suse.com/security/cve/CVE-2016-5829.html
https://bugzilla.suse.com/947337
https://bugzilla.suse.com/950998
https://bugzilla.suse.com/951844
https://bugzilla.suse.com/953048
https://bugzilla.suse.com/954847
https://bugzilla.suse.com/956491
https://bugzilla.suse.com/957990
https://bugzilla.suse.com/962742
https://bugzilla.suse.com/963655
https://bugzilla.suse.com/963762
https://bugzilla.suse.com/965087
https://bugzilla.suse.com/966245
https://bugzilla.suse.com/968667
https://bugzilla.suse.com/970114
https://bugzilla.suse.com/970506
https://bugzilla.suse.com/971770
https://bugzilla.suse.com/972933
https://bugzilla.suse.com/973378
https://bugzilla.suse.com/973499
https://bugzilla.suse.com/974165
https://bugzilla.suse.com/974308
https://bugzilla.suse.com/974620
https://bugzilla.suse.com/975531
https://bugzilla.suse.com/975533
https://bugzilla.suse.com/975772
https://bugzilla.suse.com/975788
https://bugzilla.suse.com/977417
https://bugzilla.suse.com/978401
https://bugzilla.suse.com/978469
https://bugzilla.suse.com/978822
https://bugzilla.suse.com/979213
https://bugzilla.suse.com/979419
https://bugzilla.suse.com/979485
https://bugzilla.suse.com/979489
https://bugzilla.suse.com/979521
https://bugzilla.suse.com/979548
https://bugzilla.suse.com/979681
https://bugzilla.suse.com/979867
https://bugzilla.suse.com/979879
https://bugzilla.suse.com/979922
https://bugzilla.suse.com/980348
https://bugzilla.suse.com/980363
https://bugzilla.suse.com/980371
https://bugzilla.suse.com/981038
https://bugzilla.suse.com/981143
https://bugzilla.suse.com/981344
https://bugzilla.suse.com/982282
https://bugzilla.suse.com/982354
https://bugzilla.suse.com/982544
https://bugzilla.suse.com/982698
https://bugzilla.suse.com/983143
https://bugzilla.suse.com/983213
https://bugzilla.suse.com/983318
https://bugzilla.suse.com/983721
https://bugzilla.suse.com/983904
https://bugzilla.suse.com/983977
https://bugzilla.suse.com/984148
https://bugzilla.suse.com/984456
https://bugzilla.suse.com/984755
https://bugzilla.suse.com/985232
https://bugzilla.suse.com/985978
https://bugzilla.suse.com/986362
https://bugzilla.suse.com/986365
https://bugzilla.suse.com/986569
https://bugzilla.suse.com/986572
https://bugzilla.suse.com/986811
https://bugzilla.suse.com/988215
https://bugzilla.suse.com/988498
https://bugzilla.suse.com/988552
https://bugzilla.suse.com/990058
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2181-1: important: Security update for Linux Kernel Live Patch 1 for SLE 12 SP1
by opensuse-security@opensuse.org 29 Aug '16
by opensuse-security@opensuse.org 29 Aug '16
29 Aug '16
SUSE Security Update: Security update for Linux Kernel Live Patch 1 for SLE 12 SP1
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2181-1
Rating: important
References: #986377 #986573 #991667
Cross-References: CVE-2016-4997 CVE-2016-5829 CVE-2016-6480
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.51-60_20 fixes several issues.
The following security bugs were fixed:
- CVE-2016-6480: Race condition in the ioctl_send_fib function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
to cause a denial of service (out-of-bounds access or system crash) by
changing a certain size value, aka a "double fetch" vulnerability
(bsc#991667).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allowed local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bsc#986573).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation
in the netfilter subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (memory corruption) by
leveraging in-container root access to provide a crafted offset value
that triggers an unintended decrement (bsc#986377).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1289=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_51-60_20-default-6-2.1
kgraft-patch-3_12_51-60_20-xen-6-2.1
References:
https://www.suse.com/security/cve/CVE-2016-4997.html
https://www.suse.com/security/cve/CVE-2016-5829.html
https://www.suse.com/security/cve/CVE-2016-6480.html
https://bugzilla.suse.com/986377
https://bugzilla.suse.com/986573
https://bugzilla.suse.com/991667
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2180-1: important: Security update for Linux Kernel Live Patch 4 for SLE 12 SP1
by opensuse-security@opensuse.org 29 Aug '16
by opensuse-security@opensuse.org 29 Aug '16
29 Aug '16
SUSE Security Update: Security update for Linux Kernel Live Patch 4 for SLE 12 SP1
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2180-1
Rating: important
References: #986377 #986573 #991667
Cross-References: CVE-2016-4997 CVE-2016-5829 CVE-2016-6480
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.57-60_35 fixes several issues.
The following security bugs were fixed:
- CVE-2016-6480: Race condition in the ioctl_send_fib function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
to cause a denial of service (out-of-bounds access or system crash) by
changing a certain size value, aka a "double fetch" vulnerability
(bsc#991667).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allowed local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bsc#986573).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation
in the netfilter subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (memory corruption) by
leveraging in-container root access to provide a crafted offset value
that triggers an unintended decrement (bsc#986377).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1285=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_57-60_35-default-3-2.1
kgraft-patch-3_12_57-60_35-xen-3-2.1
References:
https://www.suse.com/security/cve/CVE-2016-4997.html
https://www.suse.com/security/cve/CVE-2016-5829.html
https://www.suse.com/security/cve/CVE-2016-6480.html
https://bugzilla.suse.com/986377
https://bugzilla.suse.com/986573
https://bugzilla.suse.com/991667
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2179-1: important: Security update for Linux Kernel Live Patch 2 for SLE 12 SP1
by opensuse-security@opensuse.org 29 Aug '16
by opensuse-security@opensuse.org 29 Aug '16
29 Aug '16
SUSE Security Update: Security update for Linux Kernel Live Patch 2 for SLE 12 SP1
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2179-1
Rating: important
References: #986377 #986573 #991667
Cross-References: CVE-2016-4997 CVE-2016-5829 CVE-2016-6480
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.51-60_25 fixes several issues.
The following security bugs were fixed:
- CVE-2016-6480: Race condition in the ioctl_send_fib function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
to cause a denial of service (out-of-bounds access or system crash) by
changing a certain size value, aka a "double fetch" vulnerability
(bsc#991667).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allowed local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bsc#986573).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation
in the netfilter subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (memory corruption) by
leveraging in-container root access to provide a crafted offset value
that triggers an unintended decrement (bsc#986377).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1287=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_51-60_25-default-5-2.1
kgraft-patch-3_12_51-60_25-xen-5-2.1
References:
https://www.suse.com/security/cve/CVE-2016-4997.html
https://www.suse.com/security/cve/CVE-2016-5829.html
https://www.suse.com/security/cve/CVE-2016-6480.html
https://bugzilla.suse.com/986377
https://bugzilla.suse.com/986573
https://bugzilla.suse.com/991667
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2178-1: important: Security update for Linux Kernel Live Patch 3 for SLE 12 SP1
by opensuse-security@opensuse.org 29 Aug '16
by opensuse-security@opensuse.org 29 Aug '16
29 Aug '16
SUSE Security Update: Security update for Linux Kernel Live Patch 3 for SLE 12 SP1
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2178-1
Rating: important
References: #986377 #986573 #991667
Cross-References: CVE-2016-4997 CVE-2016-5829 CVE-2016-6480
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.53-60_30 fixes several issues.
The following security bugs were fixed:
- CVE-2016-6480: Race condition in the ioctl_send_fib function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
to cause a denial of service (out-of-bounds access or system crash) by
changing a certain size value, aka a "double fetch" vulnerability
(bsc#991667).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allowed local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bsc#986573).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation
in the netfilter subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (memory corruption) by
leveraging in-container root access to provide a crafted offset value
that triggers an unintended decrement (bsc#986377).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1286=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_53-60_30-default-4-2.1
kgraft-patch-3_12_53-60_30-xen-4-2.1
References:
https://www.suse.com/security/cve/CVE-2016-4997.html
https://www.suse.com/security/cve/CVE-2016-5829.html
https://www.suse.com/security/cve/CVE-2016-6480.html
https://bugzilla.suse.com/986377
https://bugzilla.suse.com/986573
https://bugzilla.suse.com/991667
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2177-1: important: Security update for Linux Kernel Live Patch 5 for SLE 12 SP1
by opensuse-security@opensuse.org 29 Aug '16
by opensuse-security@opensuse.org 29 Aug '16
29 Aug '16
SUSE Security Update: Security update for Linux Kernel Live Patch 5 for SLE 12 SP1
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2177-1
Rating: important
References: #986377 #986573 #991667
Cross-References: CVE-2016-4997 CVE-2016-5829 CVE-2016-6480
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.59-60_41 fixes several issues.
The following security bugs were fixed:
- CVE-2016-6480: Race condition in the ioctl_send_fib function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
to cause a denial of service (out-of-bounds access or system crash) by
changing a certain size value, aka a "double fetch" vulnerability
(bsc#991667).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allowed local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bsc#986573).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation
in the netfilter subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (memory corruption) by
leveraging in-container root access to provide a crafted offset value
that triggers an unintended decrement (bsc#986377).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1284=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_59-60_41-default-3-2.1
kgraft-patch-3_12_59-60_41-xen-3-2.1
References:
https://www.suse.com/security/cve/CVE-2016-4997.html
https://www.suse.com/security/cve/CVE-2016-5829.html
https://www.suse.com/security/cve/CVE-2016-6480.html
https://bugzilla.suse.com/986377
https://bugzilla.suse.com/986573
https://bugzilla.suse.com/991667
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2175-1: important: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1
by opensuse-security@opensuse.org 29 Aug '16
by opensuse-security@opensuse.org 29 Aug '16
29 Aug '16
SUSE Security Update: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2175-1
Rating: important
References: #986573 #991667
Cross-References: CVE-2016-5829 CVE-2016-6480
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.59-60_45 fixes several issues.
The following security bugs were fixed:
- CVE-2016-6480: Race condition in the ioctl_send_fib function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
to cause a denial of service (out-of-bounds access or system crash) by
changing a certain size value, aka a "double fetch" vulnerability
(bsc#991667).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allowed local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bsc#986573).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1283=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_59-60_45-default-3-2.1
kgraft-patch-3_12_59-60_45-xen-3-2.1
References:
https://www.suse.com/security/cve/CVE-2016-5829.html
https://www.suse.com/security/cve/CVE-2016-6480.html
https://bugzilla.suse.com/986573
https://bugzilla.suse.com/991667
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2174-1: important: Security update for Linux Kernel Live Patch 0 for SLE 12 SP1
by opensuse-security@opensuse.org 29 Aug '16
by opensuse-security@opensuse.org 29 Aug '16
29 Aug '16
SUSE Security Update: Security update for Linux Kernel Live Patch 0 for SLE 12 SP1
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2174-1
Rating: important
References: #986377 #986573 #991667
Cross-References: CVE-2016-4997 CVE-2016-5829 CVE-2016-6480
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.49-11 fixes several issues.
The following security bugs were fixed:
- CVE-2016-6480: Race condition in the ioctl_send_fib function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
to cause a denial of service (out-of-bounds access or system crash) by
changing a certain size value, aka a "double fetch" vulnerability
(bsc#991667).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allowed local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bsc#986573).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation
in the netfilter subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (memory corruption) by
leveraging in-container root access to provide a crafted offset value
that triggers an unintended decrement (bsc#986377).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1288=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_49-11-default-6-17.2
kgraft-patch-3_12_49-11-xen-6-17.2
References:
https://www.suse.com/security/cve/CVE-2016-4997.html
https://www.suse.com/security/cve/CVE-2016-5829.html
https://www.suse.com/security/cve/CVE-2016-6480.html
https://bugzilla.suse.com/986377
https://bugzilla.suse.com/986573
https://bugzilla.suse.com/991667
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2016:2168-1: important: Security update for phpMyAdmin
by opensuse-security@opensuse.org 29 Aug '16
by opensuse-security@opensuse.org 29 Aug '16
29 Aug '16
openSUSE Security Update: Security update for phpMyAdmin
______________________________________________________________________________
Announcement ID: openSUSE-SU-2016:2168-1
Rating: important
References: #994313
Cross-References: CVE-2016-6606 CVE-2016-6607 CVE-2016-6608
CVE-2016-6609 CVE-2016-6610 CVE-2016-6611
CVE-2016-6612 CVE-2016-6613 CVE-2016-6614
CVE-2016-6615 CVE-2016-6616 CVE-2016-6617
CVE-2016-6618 CVE-2016-6619 CVE-2016-6620
CVE-2016-6621 CVE-2016-6622 CVE-2016-6623
CVE-2016-6624 CVE-2016-6625 CVE-2016-6626
CVE-2016-6627 CVE-2016-6628 CVE-2016-6629
CVE-2016-6630 CVE-2016-6631 CVE-2016-6632
CVE-2016-6633
Affected Products:
openSUSE Leap 42.1
openSUSE 13.2
______________________________________________________________________________
An update that fixes 28 vulnerabilities is now available.
Description:
phpMyAdmin was updated to version 4.4.15.8 (2016-08-16) to fix the
following issues:
- Upstream changelog for 4.4.15.8:
* Improve session cookie code for openid.php and signon.php example files
* Full path disclosure in openid.php and signon.php example files
* Unsafe generation of BlowfishSecret (when not supplied by the user)
* Referrer leak when phpinfo is enabled
* Use HTTPS for wiki links
* Improve SSL certificate handling
* Fix full path disclosure in debugging code
* Administrators could trigger SQL injection attack against users
- other fixes
* Remove Swekey support
- Security fixes: https://www.phpmyadmin.net/security/
* Weaknesses with cookie encryption see PMASA-2016-29 (CVE-2016-6606,
CWE-661)
* Multiple XSS vulnerabilities see PMASA-2016-30 (CVE-2016-6607, CWE-661)
* Multiple XSS vulnerabilities see PMASA-2016-31 (CVE-2016-6608, CWE-661)
* PHP code injection see PMASA-2016-32 (CVE-2016-6609, CWE-661)
* Full path disclosure see PMASA-2016-33 (CVE-2016-6610, CWE-661)
* SQL injection attack see PMASA-2016-34 (CVE-2016-6611, CWE-661)
* Local file exposure through LOAD DATA LOCAL INFILE see PMASA-2016-35
(CVE-2016-6612, CWE-661)
* Local file exposure through symlinks with UploadDir see PMASA-2016-36
(CVE-2016-6613, CWE-661)
* Path traversal with SaveDir and UploadDir see PMASA-2016-37
(CVE-2016-6614, CWE-661)
* Multiple XSS vulnerabilities see PMASA-2016-38 (CVE-2016-6615, CWE-661)
* SQL injection vulnerability as control user see PMASA-2016-39
(CVE-2016-6616, CWE-661)
* SQL injection vulnerability see PMASA-2016-40 (CVE-2016-6617, CWE-661)
* Denial-of-service attack through transformation feature see
PMASA-2016-41 (CVE-2016-6618, CWE-661)
* SQL injection vulnerability as control user see PMASA-2016-42
(CVE-2016-6619, CWE-661)
* Verify data before unserializing see PMASA-2016-43 (CVE-2016-6620,
CWE-661)
* SSRF in setup script see PMASA-2016-44 (CVE-2016-6621, CWE-661)
* Denial-of-service attack with $cfg['AllowArbitraryServer'] = true and
persistent connections see PMASA-2016-45 (CVE-2016-6622, CWE-661)
* Denial-of-service attack by using for loops see PMASA-2016-46
(CVE-2016-6623, CWE-661)
* Possible circumvention of IP-based allow/deny rules with IPv6 and
proxy server see PMASA-2016-47 (CVE-2016-6624, CWE-661)
* Detect if user is logged in see PMASA-2016-48 (CVE-2016-6625, CWE-661)
* Bypass URL redirection protection see PMASA-2016-49 (CVE-2016-6626,
CWE-661)
* Referrer leak see PMASA-2016-50 (CVE-2016-6627, CWE-661)
* Reflected File Download see PMASA-2016-51 (CVE-2016-6628, CWE-661)
* ArbitraryServerRegexp bypass see PMASA-2016-52 (CVE-2016-6629, CWE-661)
* Denial-of-service attack by entering long password see PMASA-2016-53
(CVE-2016-6630, CWE-661)
* Remote code execution vulnerability when running as CGI see
PMASA-2016-54 (CVE-2016-6631, CWE-661)
* Denial-of-service attack when PHP uses dbase extension see
PMASA-2016-55 (CVE-2016-6632, CWE-661)
* Remove tode execution vulnerability when PHP uses dbase extension see
PMASA-2016-56 (CVE-2016-6633, CWE-661)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2016-1021=1
- openSUSE 13.2:
zypper in -t patch openSUSE-2016-1021=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.1 (noarch):
phpMyAdmin-4.4.15.8-25.1
- openSUSE 13.2 (noarch):
phpMyAdmin-4.4.15.8-39.1
References:
https://www.suse.com/security/cve/CVE-2016-6606.html
https://www.suse.com/security/cve/CVE-2016-6607.html
https://www.suse.com/security/cve/CVE-2016-6608.html
https://www.suse.com/security/cve/CVE-2016-6609.html
https://www.suse.com/security/cve/CVE-2016-6610.html
https://www.suse.com/security/cve/CVE-2016-6611.html
https://www.suse.com/security/cve/CVE-2016-6612.html
https://www.suse.com/security/cve/CVE-2016-6613.html
https://www.suse.com/security/cve/CVE-2016-6614.html
https://www.suse.com/security/cve/CVE-2016-6615.html
https://www.suse.com/security/cve/CVE-2016-6616.html
https://www.suse.com/security/cve/CVE-2016-6617.html
https://www.suse.com/security/cve/CVE-2016-6618.html
https://www.suse.com/security/cve/CVE-2016-6619.html
https://www.suse.com/security/cve/CVE-2016-6620.html
https://www.suse.com/security/cve/CVE-2016-6621.html
https://www.suse.com/security/cve/CVE-2016-6622.html
https://www.suse.com/security/cve/CVE-2016-6623.html
https://www.suse.com/security/cve/CVE-2016-6624.html
https://www.suse.com/security/cve/CVE-2016-6625.html
https://www.suse.com/security/cve/CVE-2016-6626.html
https://www.suse.com/security/cve/CVE-2016-6627.html
https://www.suse.com/security/cve/CVE-2016-6628.html
https://www.suse.com/security/cve/CVE-2016-6629.html
https://www.suse.com/security/cve/CVE-2016-6630.html
https://www.suse.com/security/cve/CVE-2016-6631.html
https://www.suse.com/security/cve/CVE-2016-6632.html
https://www.suse.com/security/cve/CVE-2016-6633.html
https://bugzilla.suse.com/994313
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2016:2144-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 24 Aug '16
by opensuse-security@opensuse.org 24 Aug '16
24 Aug '16
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2016:2144-1
Rating: important
References: #901754 #941113 #942702 #945219 #955654 #957052
#957988 #959709 #960561 #961512 #963762 #963765
#966245 #966437 #966693 #966849 #967972 #967973
#967974 #967975 #968010 #968011 #968012 #968013
#968018 #968670 #969354 #969355 #970114 #970275
#970892 #970909 #970911 #970948 #970955 #970956
#970958 #970970 #971124 #971125 #971126 #971360
#971628 #971799 #971919 #971944 #972174 #973378
#973570 #974308 #974418 #974646 #975945 #978401
#978445 #978469 #978821 #978822 #979021 #979213
#979548 #979867 #979879 #979913 #980348 #980363
#980371 #980725 #981267 #982706 #983143 #983213
#984464 #984755 #984764 #986362 #986365 #986377
#986572 #986573 #986811
Cross-References: CVE-2012-6701 CVE-2013-7446 CVE-2014-9904
CVE-2015-3288 CVE-2015-6526 CVE-2015-7566
CVE-2015-8709 CVE-2015-8785 CVE-2015-8812
CVE-2015-8816 CVE-2015-8830 CVE-2016-0758
CVE-2016-1583 CVE-2016-2053 CVE-2016-2184
CVE-2016-2185 CVE-2016-2186 CVE-2016-2187
CVE-2016-2188 CVE-2016-2384 CVE-2016-2543
CVE-2016-2544 CVE-2016-2545 CVE-2016-2546
CVE-2016-2547 CVE-2016-2548 CVE-2016-2549
CVE-2016-2782 CVE-2016-2847 CVE-2016-3134
CVE-2016-3136 CVE-2016-3137 CVE-2016-3138
CVE-2016-3139 CVE-2016-3140 CVE-2016-3156
CVE-2016-3672 CVE-2016-3689 CVE-2016-3951
CVE-2016-4470 CVE-2016-4482 CVE-2016-4485
CVE-2016-4486 CVE-2016-4565 CVE-2016-4569
CVE-2016-4578 CVE-2016-4580 CVE-2016-4581
CVE-2016-4805 CVE-2016-4913 CVE-2016-4997
CVE-2016-5244 CVE-2016-5829
Affected Products:
openSUSE 13.2
______________________________________________________________________________
An update that solves 53 vulnerabilities and has 28 fixes
is now available.
Description:
The openSUSE 13.2 kernel was updated to fix various bugs and security
issues.
The following security bugs were fixed:
- CVE-2016-1583: Prevent the usage of mmap when the lower file system does
not allow it. This could have lead to local privilege escalation when
ecryptfs-utils was installed and /sbin/mount.ecryptfs_private was setuid
(bsc#983143).
- CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c
in the Linux kernel mishandles NM (aka alternate name) entries
containing \0 characters, which allowed local users to obtain sensitive
information from kernel memory or possibly have unspecified other impact
via a crafted isofs filesystem (bnc#980725).
- CVE-2016-4580: The x25_negotiate_facilities function in
net/x25/x25_facilities.c in the Linux kernel did not properly initialize
a certain data structure, which allowed attackers to obtain sensitive
information from kernel stack memory via an X.25 Call Request
(bnc#981267).
- CVE-2016-0758: Tags with indefinite length could have corrupted pointers
in asn1_find_indefinite_length (bsc#979867).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in
the Linux kernel allowed attackers to cause a denial of service (panic)
via an ASN.1 BER file that lacks a public key, leading to mishandling by
the public_key_verify_signature function in
crypto/asymmetric_keys/public_key.c (bnc#963762).
- CVE-2016-2187: The gtco_probe function in drivers/input/tablet/gtco.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) via a
crafted endpoints value in a USB device descriptor (bnc#971919 971944).
- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401
bsc#978445).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel
incorrectly relies on the write system call, which allowed local users
to cause a denial of service (kernel memory write operation) or possibly
have unspecified other impact via a uAPI interface (bnc#979548
bsc#980363).
- CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c
in the Linux kernel did not properly randomize the legacy base address,
which made it easier for local users to defeat the intended restrictions
on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism
for a setuid or setgid program, by disabling stack-consumption resource
limits (bnc#974308).
- CVE-2016-4581: fs/pnode.c in the Linux kernel did not properly traverse
a mount propagation tree in a certain case involving a slave mount,
which allowed local users to cause a denial of service (NULL pointer
dereference and OOPS) via a crafted series of mount system calls
(bnc#979913).
- CVE-2016-4485: The llc_cmsg_rcv function in net/llc/af_llc.c in the
Linux kernel did not initialize a certain data structure, which allowed
attackers to obtain sensitive information from kernel stack memory by
reading a message (bnc#978821).
- CVE-2015-3288: A security flaw was found in the Linux kernel that there
was a way to arbitrary change zero page memory. (bnc#979021).
- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize
certain r1 data structures, which allowed local users to obtain
sensitive information from kernel stack memory via crafted use of the
ALSA timer interface, related to the (1) snd_timer_user_ccallback and
(2) snd_timer_user_tinterrupt functions (bnc#979879).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not
validate certain offset fields, which allowed local users to gain
privileges or cause a denial of service (heap memory corruption) via an
IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
- CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory by reading a Netlink message (bnc#978822).
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the
Linux kernel allowed local users to bypass intended AF_UNIX socket
permissions or cause a denial of service (panic) via crafted epoll_ctl
calls (bnc#955654).
- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via crafted use of the ALSA timer interface (bnc#979213).
- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of
unread data in pipes, which allowed local users to cause a denial of
service (memory consumption) by creating many pipes with non-default
sizes (bnc#970948 974646).
- CVE-2016-3136: The mct_u232_msr_to_state function in
drivers/usb/serial/mct_u232.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted USB device without two
interrupt-in endpoint descriptors (bnc#970955).
- CVE-2016-2188: The iowarrior_probe function in
drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970956).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) via a USB
device without both a control and a data endpoint descriptor
(bnc#970911).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference and system crash) via a USB device without
both an interrupt-in and an interrupt-out endpoint descriptor, related
to the cypress_generic_port_probe and cypress_open functions
(bnc#970970).
- CVE-2016-3951: Double free vulnerability in drivers/net/usb/cdc_ncm.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (system crash) or possibly have unspecified other
impact by inserting a USB device with an invalid USB descriptor
(bnc#974418).
- CVE-2016-3140: The digi_port_init function in
drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed
physically proximate attackers to cause a denial of service (NULL
pointer dereference and system crash) via a crafted endpoints value in a
USB device descriptor (bnc#970892).
- CVE-2016-2186: The powermate_probe function in
drivers/input/misc/powermate.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970958).
- CVE-2016-2185: The ati_remote2_probe function in
drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#971124).
- CVE-2016-3689: The ims_pcu_parse_cdc_data function in
drivers/input/misc/ims-pcu.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (system crash) via a
USB device without both a master and a slave interface (bnc#971628).
- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles
destruction of device objects, which allowed guest OS users to cause a
denial of service (host OS networking outage) by arranging for a large
number of IP addresses (bnc#971360).
- CVE-2016-2184: The create_fixed_stream_quirk function in
sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference or double free, and system crash) via a
crafted endpoints value in a USB device descriptor (bnc#971125).
- CVE-2016-3139: The wacom_probe function in
drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970909).
- CVE-2015-8830: Integer overflow in the aio_setup_single_vector function
in fs/aio.c in the Linux kernel 4.0 allowed local users to cause a
denial of service or possibly have unspecified other impact via a large
AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701
regression (bnc#969354 bsc#969355).
- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by inserting a USB device that
lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in
the Linux kernel did not properly maintain a hub-interface data
structure, which allowed physically proximate attackers to cause a
denial of service (invalid memory access and system crash) or possibly
have unspecified other impact by unplugging a USB hub device
(bnc#968010).
- CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c
in the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by inserting a USB device that
lacks a bulk-out endpoint (bnc#961512).
- CVE-2016-2549: sound/core/hrtimer.c in the Linux kernel did not prevent
recursive callback access, which allowed local users to cause a denial
of service (deadlock) via a crafted ioctl call (bnc#968013).
- CVE-2016-2547: sound/core/timer.c in the Linux kernel employs a locking
approach that did not consider slave timer instances, which allowed
local users to cause a denial of service (race condition,
use-after-free, and system crash) via a crafted ioctl call (bnc#968011).
- CVE-2016-2548: sound/core/timer.c in the Linux kernel retains certain
linked lists after a close or stop action, which allowed local users to
cause a denial of service (system crash) via a crafted ioctl call,
related to the (1) snd_timer_close and (2) _snd_timer_stop functions
(bnc#968012).
- CVE-2016-2546: sound/core/timer.c in the Linux kernel uses an incorrect
type of mutex, which allowed local users to cause a denial of service
(race condition, use-after-free, and system crash) via a crafted ioctl
call (bnc#967975).
- CVE-2016-2545: The snd_timer_interrupt function in sound/core/timer.c in
the Linux kernel did not properly maintain a certain linked list, which
allowed local users to cause a denial of service (race condition and
system crash) via a crafted ioctl call (bnc#967974).
- CVE-2016-2544: Race condition in the queue_delete function in
sound/core/seq/seq_queue.c in the Linux kernel allowed local users to
cause a denial of service (use-after-free and system crash) by making an
ioctl call at a certain time (bnc#967973).
- CVE-2016-2543: The snd_seq_ioctl_remove_events function in
sound/core/seq/seq_clientmgr.c in the Linux kernel did not verify FIFO
assignment before proceeding with FIFO clearing, which allowed local
users to cause a denial of service (NULL pointer dereference and OOPS)
via a crafted ioctl call (bnc#967972).
- CVE-2015-8709: ** DISPUTED ** kernel/ptrace.c in the Linux kernel
mishandles uid and gid mappings, which allowed local users to gain
privileges by establishing a user namespace, waiting for a root process
to enter that namespace with an unsafe uid or gid, and then using the
ptrace system call. NOTE: the vendor states "there is no kernel bug
here (bnc#959709 960561 ).
- CVE-2015-8812: drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel
did not properly identify error conditions, which allowed remote
attackers to execute arbitrary code or cause a denial of service
(use-after-free) via crafted packets (bnc#966437).
- CVE-2016-2384: Double free vulnerability in the snd_usbmidi_create
function in sound/usb/midi.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (panic) or possibly
have unspecified other impact via vectors involving an invalid USB
descriptor (bnc#966693).
- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in
the Linux kernel allowed local users to cause a denial of service
(infinite loop) via a writev system call that triggers a zero length for
the first segment of an iov (bnc#963765).
- CVE-2014-9904: The snd_compress_check_input function in
sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel
did not properly check for an integer overflow, which allowed local
users to cause a denial of service (insufficient memory allocation) or
possibly have unspecified other impact via a crafted
SNDRV_COMPRESS_SET_PARAMS ioctl call (bnc#986811).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allow local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bnc#986572 986573).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation
in the netfilter subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (memory corruption) by
leveraging in-container root access to provide a crafted offset value
that triggers an unintended decrement (bnc#986362 986365 986377).
- CVE-2016-4805: Use-after-free vulnerability in
drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to
cause a denial of service (memory corruption and system crash, or
spinlock) or possibly have unspecified other impact by removing a
network namespace, related to the ppp_register_net_channel and
ppp_unregister_channel functions (bnc#980371).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c
in the Linux kernel did not ensure that a certain data structure is
initialized, which allowed local users to cause a denial of service
(system crash) via vectors involving a crafted keyctl request2 command
(bnc#984755 984764).
- CVE-2015-6526: The perf_callchain_user_64 function in
arch/powerpc/perf/callchain.c in the Linux kernel on ppc64 platforms
allowed local users to cause a denial of service (infinite loop) via a
deep 64-bit userspace backtrace (bnc#942702).
- CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the
Linux kernel did not initialize a certain structure member, which
allowed remote attackers to obtain sensitive information from kernel
stack memory by reading an RDS message (bnc#983213).
The following non-security bugs were fixed:
- ALSA: hrtimer: Handle start/stop more properly (bsc#973378).
- ALSA: pcm: Fix potential deadlock in OSS emulation (bsc#968018).
- ALSA: rawmidi: Fix race at copying & updating the position (bsc#968018).
- ALSA: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).
- ALSA: seq: Fix double port list deletion (bsc#968018).
- ALSA: seq: Fix incorrect sanity check at snd_seq_oss_synth_cleanup()
(bsc#968018).
- ALSA: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).
- ALSA: seq: Fix lockdep warnings due to double mutex locks (bsc#968018).
- ALSA: seq: Fix race at closing in virmidi driver (bsc#968018).
- ALSA: seq: Fix yet another races among ALSA timer accesses (bsc#968018).
- ALSA: timer: Call notifier in the same spinlock (bsc#973378).
- ALSA: timer: Code cleanup (bsc#968018).
- ALSA: timer: Fix leftover link at closing (bsc#968018).
- ALSA: timer: Fix link corruption due to double start or stop
(bsc#968018).
- ALSA: timer: Fix race between stop and interrupt (bsc#968018).
- ALSA: timer: Fix wrong instance passed to slave callbacks (bsc#968018).
- ALSA: timer: Protect the whole snd_timer_close() with open race
(bsc#973378).
- ALSA: timer: Sync timer deletion at closing the system timer
(bsc#973378).
- ALSA: timer: Use mod_timer() for rearming the system timer (bsc#973378).
- Bluetooth: vhci: Fix race at creating hci device (bsc#971799,bsc#966849).
- Bluetooth: vhci: fix open_timeout vs. hdev race (bsc#971799,bsc#966849).
- Bluetooth: vhci: purge unhandled skbs (bsc#971799,bsc#966849).
- Btrfs: do not use src fd for printk (bsc#980348).
- Refresh patches.drivers/ALSA-hrtimer-Handle-start-stop-more-properly.
Fix the build error on 32bit architectures.
- Refresh patches.xen/xen-netback-coalesce: Restore copying of SKBs with
head exceeding page size (bsc#978469).
- Refresh patches.xen/xen3-patch-3.14: Suppress atomic file position
updates on /proc/xen/xenbus (bsc#970275).
- Subject: [PATCH] USB: xhci: Add broken streams quirk for Frescologic
device id 1009 (bnc#982706).
- USB: usbip: fix potential out-of-bounds write (bnc#975945).
- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).
- backends: guarantee one time reads of shared ring contents (bsc#957988).
- btrfs: do not go readonly on existing qgroup items (bsc#957052).
- btrfs: remove error message from search ioctl for nonexistent tree.
- drm/i915: Fix missing backlight update during panel disablement
(bsc#941113 boo#901754).
- enic: set netdev->vlan_features (bsc#966245).
- ext4: fix races between buffered IO and collapse / insert range
(bsc#972174).
- ext4: fix races between page faults and hole punching (bsc#972174).
- ext4: fix races of writeback with punch hole and zero range (bsc#972174).
- ext4: move unlocked dio protection from ext4_alloc_file_blocks()
(bsc#972174).
- ipv4/fib: do not warn when primary address is missing if in_dev is dead
(bsc#971360).
- ipvs: count pre-established TCP states as active (bsc#970114).
- net: core: Correct an over-stringent device loop detection (bsc#945219).
- netback: do not use last request to determine minimum Tx credit
(bsc#957988).
- pciback: Check PF instead of VF for PCI_COMMAND_MEMORY.
- pciback: Save the number of MSI-X entries to be copied later.
- pciback: guarantee one time reads of shared ring contents (bsc#957988).
- series.conf: move cxgb3 patch to network drivers section
- usb: quirk to stop runtime PM for Intel 7260 (bnc#984464).
- x86: standardize mmap_rnd() usage (bnc#974308).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2016-1015=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.2 (i586 x86_64):
bbswitch-0.8-3.20.3
bbswitch-debugsource-0.8-3.20.3
bbswitch-kmp-default-0.8_k3.16.7_42-3.20.3
bbswitch-kmp-default-debuginfo-0.8_k3.16.7_42-3.20.3
bbswitch-kmp-desktop-0.8_k3.16.7_42-3.20.3
bbswitch-kmp-desktop-debuginfo-0.8_k3.16.7_42-3.20.3
bbswitch-kmp-xen-0.8_k3.16.7_42-3.20.3
bbswitch-kmp-xen-debuginfo-0.8_k3.16.7_42-3.20.3
cloop-2.639-14.20.3
cloop-debuginfo-2.639-14.20.3
cloop-debugsource-2.639-14.20.3
cloop-kmp-default-2.639_k3.16.7_42-14.20.3
cloop-kmp-default-debuginfo-2.639_k3.16.7_42-14.20.3
cloop-kmp-desktop-2.639_k3.16.7_42-14.20.3
cloop-kmp-desktop-debuginfo-2.639_k3.16.7_42-14.20.3
cloop-kmp-xen-2.639_k3.16.7_42-14.20.3
cloop-kmp-xen-debuginfo-2.639_k3.16.7_42-14.20.3
crash-7.0.8-20.3
crash-debuginfo-7.0.8-20.3
crash-debugsource-7.0.8-20.3
crash-devel-7.0.8-20.3
crash-doc-7.0.8-20.3
crash-eppic-7.0.8-20.3
crash-eppic-debuginfo-7.0.8-20.3
crash-gcore-7.0.8-20.3
crash-gcore-debuginfo-7.0.8-20.3
crash-kmp-default-7.0.8_k3.16.7_42-20.3
crash-kmp-default-debuginfo-7.0.8_k3.16.7_42-20.3
crash-kmp-desktop-7.0.8_k3.16.7_42-20.3
crash-kmp-desktop-debuginfo-7.0.8_k3.16.7_42-20.3
crash-kmp-xen-7.0.8_k3.16.7_42-20.3
crash-kmp-xen-debuginfo-7.0.8_k3.16.7_42-20.3
hdjmod-debugsource-1.28-18.21.3
hdjmod-kmp-default-1.28_k3.16.7_42-18.21.3
hdjmod-kmp-default-debuginfo-1.28_k3.16.7_42-18.21.3
hdjmod-kmp-desktop-1.28_k3.16.7_42-18.21.3
hdjmod-kmp-desktop-debuginfo-1.28_k3.16.7_42-18.21.3
hdjmod-kmp-xen-1.28_k3.16.7_42-18.21.3
hdjmod-kmp-xen-debuginfo-1.28_k3.16.7_42-18.21.3
ipset-6.23-20.3
ipset-debuginfo-6.23-20.3
ipset-debugsource-6.23-20.3
ipset-devel-6.23-20.3
ipset-kmp-default-6.23_k3.16.7_42-20.3
ipset-kmp-default-debuginfo-6.23_k3.16.7_42-20.3
ipset-kmp-desktop-6.23_k3.16.7_42-20.3
ipset-kmp-desktop-debuginfo-6.23_k3.16.7_42-20.3
ipset-kmp-xen-6.23_k3.16.7_42-20.3
ipset-kmp-xen-debuginfo-6.23_k3.16.7_42-20.3
kernel-default-3.16.7-42.1
kernel-default-base-3.16.7-42.1
kernel-default-base-debuginfo-3.16.7-42.1
kernel-default-debuginfo-3.16.7-42.1
kernel-default-debugsource-3.16.7-42.1
kernel-default-devel-3.16.7-42.1
kernel-ec2-3.16.7-42.1
kernel-ec2-base-3.16.7-42.1
kernel-ec2-devel-3.16.7-42.1
kernel-obs-build-3.16.7-42.2
kernel-obs-build-debugsource-3.16.7-42.2
kernel-obs-qa-3.16.7-42.1
kernel-obs-qa-xen-3.16.7-42.1
kernel-syms-3.16.7-42.1
libipset3-6.23-20.3
libipset3-debuginfo-6.23-20.3
pcfclock-0.44-260.20.2
pcfclock-debuginfo-0.44-260.20.2
pcfclock-debugsource-0.44-260.20.2
pcfclock-kmp-default-0.44_k3.16.7_42-260.20.2
pcfclock-kmp-default-debuginfo-0.44_k3.16.7_42-260.20.2
pcfclock-kmp-desktop-0.44_k3.16.7_42-260.20.2
pcfclock-kmp-desktop-debuginfo-0.44_k3.16.7_42-260.20.2
python-virtualbox-5.0.20-48.5
python-virtualbox-debuginfo-5.0.20-48.5
vhba-kmp-debugsource-20140629-2.20.2
vhba-kmp-default-20140629_k3.16.7_42-2.20.2
vhba-kmp-default-debuginfo-20140629_k3.16.7_42-2.20.2
vhba-kmp-desktop-20140629_k3.16.7_42-2.20.2
vhba-kmp-desktop-debuginfo-20140629_k3.16.7_42-2.20.2
vhba-kmp-xen-20140629_k3.16.7_42-2.20.2
vhba-kmp-xen-debuginfo-20140629_k3.16.7_42-2.20.2
virtualbox-5.0.20-48.5
virtualbox-debuginfo-5.0.20-48.5
virtualbox-debugsource-5.0.20-48.5
virtualbox-devel-5.0.20-48.5
virtualbox-guest-kmp-default-5.0.20_k3.16.7_42-48.5
virtualbox-guest-kmp-default-debuginfo-5.0.20_k3.16.7_42-48.5
virtualbox-guest-kmp-desktop-5.0.20_k3.16.7_42-48.5
virtualbox-guest-kmp-desktop-debuginfo-5.0.20_k3.16.7_42-48.5
virtualbox-guest-tools-5.0.20-48.5
virtualbox-guest-tools-debuginfo-5.0.20-48.5
virtualbox-guest-x11-5.0.20-48.5
virtualbox-guest-x11-debuginfo-5.0.20-48.5
virtualbox-host-kmp-default-5.0.20_k3.16.7_42-48.5
virtualbox-host-kmp-default-debuginfo-5.0.20_k3.16.7_42-48.5
virtualbox-host-kmp-desktop-5.0.20_k3.16.7_42-48.5
virtualbox-host-kmp-desktop-debuginfo-5.0.20_k3.16.7_42-48.5
virtualbox-qt-5.0.20-48.5
virtualbox-qt-debuginfo-5.0.20-48.5
virtualbox-websrv-5.0.20-48.5
virtualbox-websrv-debuginfo-5.0.20-48.5
xen-debugsource-4.4.4_02-46.2
xen-devel-4.4.4_02-46.2
xen-libs-4.4.4_02-46.2
xen-libs-debuginfo-4.4.4_02-46.2
xen-tools-domU-4.4.4_02-46.2
xen-tools-domU-debuginfo-4.4.4_02-46.2
xtables-addons-2.6-22.3
xtables-addons-debuginfo-2.6-22.3
xtables-addons-debugsource-2.6-22.3
xtables-addons-kmp-default-2.6_k3.16.7_42-22.3
xtables-addons-kmp-default-debuginfo-2.6_k3.16.7_42-22.3
xtables-addons-kmp-desktop-2.6_k3.16.7_42-22.3
xtables-addons-kmp-desktop-debuginfo-2.6_k3.16.7_42-22.3
xtables-addons-kmp-xen-2.6_k3.16.7_42-22.3
xtables-addons-kmp-xen-debuginfo-2.6_k3.16.7_42-22.3
- openSUSE 13.2 (i686 x86_64):
kernel-debug-3.16.7-42.1
kernel-debug-base-3.16.7-42.1
kernel-debug-base-debuginfo-3.16.7-42.1
kernel-debug-debuginfo-3.16.7-42.1
kernel-debug-debugsource-3.16.7-42.1
kernel-debug-devel-3.16.7-42.1
kernel-debug-devel-debuginfo-3.16.7-42.1
kernel-desktop-3.16.7-42.1
kernel-desktop-base-3.16.7-42.1
kernel-desktop-base-debuginfo-3.16.7-42.1
kernel-desktop-debuginfo-3.16.7-42.1
kernel-desktop-debugsource-3.16.7-42.1
kernel-desktop-devel-3.16.7-42.1
kernel-ec2-base-debuginfo-3.16.7-42.1
kernel-ec2-debuginfo-3.16.7-42.1
kernel-ec2-debugsource-3.16.7-42.1
kernel-vanilla-3.16.7-42.1
kernel-vanilla-debuginfo-3.16.7-42.1
kernel-vanilla-debugsource-3.16.7-42.1
kernel-vanilla-devel-3.16.7-42.1
kernel-xen-3.16.7-42.1
kernel-xen-base-3.16.7-42.1
kernel-xen-base-debuginfo-3.16.7-42.1
kernel-xen-debuginfo-3.16.7-42.1
kernel-xen-debugsource-3.16.7-42.1
kernel-xen-devel-3.16.7-42.1
- openSUSE 13.2 (x86_64):
xen-4.4.4_02-46.2
xen-doc-html-4.4.4_02-46.2
xen-kmp-default-4.4.4_02_k3.16.7_42-46.2
xen-kmp-default-debuginfo-4.4.4_02_k3.16.7_42-46.2
xen-kmp-desktop-4.4.4_02_k3.16.7_42-46.2
xen-kmp-desktop-debuginfo-4.4.4_02_k3.16.7_42-46.2
xen-libs-32bit-4.4.4_02-46.2
xen-libs-debuginfo-32bit-4.4.4_02-46.2
xen-tools-4.4.4_02-46.2
xen-tools-debuginfo-4.4.4_02-46.2
- openSUSE 13.2 (noarch):
kernel-devel-3.16.7-42.1
kernel-docs-3.16.7-42.2
kernel-macros-3.16.7-42.1
kernel-source-3.16.7-42.1
kernel-source-vanilla-3.16.7-42.1
virtualbox-guest-desktop-icons-5.0.20-48.5
virtualbox-host-source-5.0.20-48.5
- openSUSE 13.2 (i586):
bbswitch-kmp-pae-0.8_k3.16.7_42-3.20.3
bbswitch-kmp-pae-debuginfo-0.8_k3.16.7_42-3.20.3
cloop-kmp-pae-2.639_k3.16.7_42-14.20.3
cloop-kmp-pae-debuginfo-2.639_k3.16.7_42-14.20.3
crash-kmp-pae-7.0.8_k3.16.7_42-20.3
crash-kmp-pae-debuginfo-7.0.8_k3.16.7_42-20.3
hdjmod-kmp-pae-1.28_k3.16.7_42-18.21.3
hdjmod-kmp-pae-debuginfo-1.28_k3.16.7_42-18.21.3
ipset-kmp-pae-6.23_k3.16.7_42-20.3
ipset-kmp-pae-debuginfo-6.23_k3.16.7_42-20.3
pcfclock-kmp-pae-0.44_k3.16.7_42-260.20.2
pcfclock-kmp-pae-debuginfo-0.44_k3.16.7_42-260.20.2
vhba-kmp-pae-20140629_k3.16.7_42-2.20.2
vhba-kmp-pae-debuginfo-20140629_k3.16.7_42-2.20.2
virtualbox-guest-kmp-pae-5.0.20_k3.16.7_42-48.5
virtualbox-guest-kmp-pae-debuginfo-5.0.20_k3.16.7_42-48.5
virtualbox-host-kmp-pae-5.0.20_k3.16.7_42-48.5
virtualbox-host-kmp-pae-debuginfo-5.0.20_k3.16.7_42-48.5
xtables-addons-kmp-pae-2.6_k3.16.7_42-22.3
xtables-addons-kmp-pae-debuginfo-2.6_k3.16.7_42-22.3
- openSUSE 13.2 (i686):
kernel-pae-3.16.7-42.1
kernel-pae-base-3.16.7-42.1
kernel-pae-base-debuginfo-3.16.7-42.1
kernel-pae-debuginfo-3.16.7-42.1
kernel-pae-debugsource-3.16.7-42.1
kernel-pae-devel-3.16.7-42.1
References:
https://www.suse.com/security/cve/CVE-2012-6701.html
https://www.suse.com/security/cve/CVE-2013-7446.html
https://www.suse.com/security/cve/CVE-2014-9904.html
https://www.suse.com/security/cve/CVE-2015-3288.html
https://www.suse.com/security/cve/CVE-2015-6526.html
https://www.suse.com/security/cve/CVE-2015-7566.html
https://www.suse.com/security/cve/CVE-2015-8709.html
https://www.suse.com/security/cve/CVE-2015-8785.html
https://www.suse.com/security/cve/CVE-2015-8812.html
https://www.suse.com/security/cve/CVE-2015-8816.html
https://www.suse.com/security/cve/CVE-2015-8830.html
https://www.suse.com/security/cve/CVE-2016-0758.html
https://www.suse.com/security/cve/CVE-2016-1583.html
https://www.suse.com/security/cve/CVE-2016-2053.html
https://www.suse.com/security/cve/CVE-2016-2184.html
https://www.suse.com/security/cve/CVE-2016-2185.html
https://www.suse.com/security/cve/CVE-2016-2186.html
https://www.suse.com/security/cve/CVE-2016-2187.html
https://www.suse.com/security/cve/CVE-2016-2188.html
https://www.suse.com/security/cve/CVE-2016-2384.html
https://www.suse.com/security/cve/CVE-2016-2543.html
https://www.suse.com/security/cve/CVE-2016-2544.html
https://www.suse.com/security/cve/CVE-2016-2545.html
https://www.suse.com/security/cve/CVE-2016-2546.html
https://www.suse.com/security/cve/CVE-2016-2547.html
https://www.suse.com/security/cve/CVE-2016-2548.html
https://www.suse.com/security/cve/CVE-2016-2549.html
https://www.suse.com/security/cve/CVE-2016-2782.html
https://www.suse.com/security/cve/CVE-2016-2847.html
https://www.suse.com/security/cve/CVE-2016-3134.html
https://www.suse.com/security/cve/CVE-2016-3136.html
https://www.suse.com/security/cve/CVE-2016-3137.html
https://www.suse.com/security/cve/CVE-2016-3138.html
https://www.suse.com/security/cve/CVE-2016-3139.html
https://www.suse.com/security/cve/CVE-2016-3140.html
https://www.suse.com/security/cve/CVE-2016-3156.html
https://www.suse.com/security/cve/CVE-2016-3672.html
https://www.suse.com/security/cve/CVE-2016-3689.html
https://www.suse.com/security/cve/CVE-2016-3951.html
https://www.suse.com/security/cve/CVE-2016-4470.html
https://www.suse.com/security/cve/CVE-2016-4482.html
https://www.suse.com/security/cve/CVE-2016-4485.html
https://www.suse.com/security/cve/CVE-2016-4486.html
https://www.suse.com/security/cve/CVE-2016-4565.html
https://www.suse.com/security/cve/CVE-2016-4569.html
https://www.suse.com/security/cve/CVE-2016-4578.html
https://www.suse.com/security/cve/CVE-2016-4580.html
https://www.suse.com/security/cve/CVE-2016-4581.html
https://www.suse.com/security/cve/CVE-2016-4805.html
https://www.suse.com/security/cve/CVE-2016-4913.html
https://www.suse.com/security/cve/CVE-2016-4997.html
https://www.suse.com/security/cve/CVE-2016-5244.html
https://www.suse.com/security/cve/CVE-2016-5829.html
https://bugzilla.suse.com/901754
https://bugzilla.suse.com/941113
https://bugzilla.suse.com/942702
https://bugzilla.suse.com/945219
https://bugzilla.suse.com/955654
https://bugzilla.suse.com/957052
https://bugzilla.suse.com/957988
https://bugzilla.suse.com/959709
https://bugzilla.suse.com/960561
https://bugzilla.suse.com/961512
https://bugzilla.suse.com/963762
https://bugzilla.suse.com/963765
https://bugzilla.suse.com/966245
https://bugzilla.suse.com/966437
https://bugzilla.suse.com/966693
https://bugzilla.suse.com/966849
https://bugzilla.suse.com/967972
https://bugzilla.suse.com/967973
https://bugzilla.suse.com/967974
https://bugzilla.suse.com/967975
https://bugzilla.suse.com/968010
https://bugzilla.suse.com/968011
https://bugzilla.suse.com/968012
https://bugzilla.suse.com/968013
https://bugzilla.suse.com/968018
https://bugzilla.suse.com/968670
https://bugzilla.suse.com/969354
https://bugzilla.suse.com/969355
https://bugzilla.suse.com/970114
https://bugzilla.suse.com/970275
https://bugzilla.suse.com/970892
https://bugzilla.suse.com/970909
https://bugzilla.suse.com/970911
https://bugzilla.suse.com/970948
https://bugzilla.suse.com/970955
https://bugzilla.suse.com/970956
https://bugzilla.suse.com/970958
https://bugzilla.suse.com/970970
https://bugzilla.suse.com/971124
https://bugzilla.suse.com/971125
https://bugzilla.suse.com/971126
https://bugzilla.suse.com/971360
https://bugzilla.suse.com/971628
https://bugzilla.suse.com/971799
https://bugzilla.suse.com/971919
https://bugzilla.suse.com/971944
https://bugzilla.suse.com/972174
https://bugzilla.suse.com/973378
https://bugzilla.suse.com/973570
https://bugzilla.suse.com/974308
https://bugzilla.suse.com/974418
https://bugzilla.suse.com/974646
https://bugzilla.suse.com/975945
https://bugzilla.suse.com/978401
https://bugzilla.suse.com/978445
https://bugzilla.suse.com/978469
https://bugzilla.suse.com/978821
https://bugzilla.suse.com/978822
https://bugzilla.suse.com/979021
https://bugzilla.suse.com/979213
https://bugzilla.suse.com/979548
https://bugzilla.suse.com/979867
https://bugzilla.suse.com/979879
https://bugzilla.suse.com/979913
https://bugzilla.suse.com/980348
https://bugzilla.suse.com/980363
https://bugzilla.suse.com/980371
https://bugzilla.suse.com/980725
https://bugzilla.suse.com/981267
https://bugzilla.suse.com/982706
https://bugzilla.suse.com/983143
https://bugzilla.suse.com/983213
https://bugzilla.suse.com/984464
https://bugzilla.suse.com/984755
https://bugzilla.suse.com/984764
https://bugzilla.suse.com/986362
https://bugzilla.suse.com/986365
https://bugzilla.suse.com/986377
https://bugzilla.suse.com/986572
https://bugzilla.suse.com/986573
https://bugzilla.suse.com/986811
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2131-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 22 Aug '16
by opensuse-security@opensuse.org 22 Aug '16
22 Aug '16
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2131-1
Rating: important
References: #989196 #990628 #990856 #991809
Cross-References: CVE-2016-2830 CVE-2016-2835 CVE-2016-2836
CVE-2016-2837 CVE-2016-2838 CVE-2016-2839
CVE-2016-5252 CVE-2016-5254 CVE-2016-5258
CVE-2016-5259 CVE-2016-5262 CVE-2016-5263
CVE-2016-5264 CVE-2016-5265 CVE-2016-6354
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP1
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________
An update that fixes 15 vulnerabilities is now available.
Description:
MozillaFirefox was updated to 45.3.0 ESR to fix the following issues
(bsc#991809):
* MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety
hazards (rv:48.0 / rv:45.3)
* MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when
page is closed
* MFSA 2016-64/CVE-2016-2838 Buffer overflow rendering SVG with
bidirectional content
* MFSA 2016-65/CVE-2016-2839 Cairo rendering crash due to memory
allocation issue with FFmpeg 0.10
* MFSA 2016-67/CVE-2016-5252 Stack underflow during 2D graphics rendering
* MFSA 2016-70/CVE-2016-5254 Use-after-free when using alt key and
toplevel menus
* MFSA 2016-72/CVE-2016-5258 Use-after-free in DTLS during WebRTC session
shutdown
* MFSA 2016-73/CVE-2016-5259 Use-after-free in service workers with nested
sync events
* MFSA 2016-76/CVE-2016-5262 Scripts on marquee tag can execute in
sandboxed iframes
* MFSA 2016-77/CVE-2016-2837 Buffer overflow in ClearKey Content
Decryption Module (CDM) during video playback
* MFSA 2016-78/CVE-2016-5263 Type confusion in display transformation
* MFSA 2016-79/CVE-2016-5264 Use-after-free when applying SVG effects
* MFSA 2016-80/CVE-2016-5265 Same-origin policy violation using local HTML
file and saved shortcut file
* CVE-2016-6354: Fix for possible buffer overrun (bsc#990856)
Also a temporary workaround was added:
- Temporarily bind Firefox to the first CPU as a hotfix for an apparent
race condition (bsc#989196, bsc#990628)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP1:
zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1254=1
- SUSE Linux Enterprise Server for SAP 12:
zypper in -t patch SUSE-SLE-SAP-12-2016-1254=1
- SUSE Linux Enterprise Server 12-SP1:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1254=1
- SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2016-1254=1
- SUSE Linux Enterprise Desktop 12-SP1:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1254=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
MozillaFirefox-debuginfo-45.3.0esr-78.1
MozillaFirefox-debugsource-45.3.0esr-78.1
MozillaFirefox-devel-45.3.0esr-78.1
- SUSE Linux Enterprise Server for SAP 12 (x86_64):
MozillaFirefox-45.3.0esr-78.1
MozillaFirefox-debuginfo-45.3.0esr-78.1
MozillaFirefox-debugsource-45.3.0esr-78.1
MozillaFirefox-translations-45.3.0esr-78.1
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
MozillaFirefox-45.3.0esr-78.1
MozillaFirefox-debuginfo-45.3.0esr-78.1
MozillaFirefox-debugsource-45.3.0esr-78.1
MozillaFirefox-translations-45.3.0esr-78.1
- SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):
MozillaFirefox-45.3.0esr-78.1
MozillaFirefox-debuginfo-45.3.0esr-78.1
MozillaFirefox-debugsource-45.3.0esr-78.1
MozillaFirefox-translations-45.3.0esr-78.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
MozillaFirefox-45.3.0esr-78.1
MozillaFirefox-debuginfo-45.3.0esr-78.1
MozillaFirefox-debugsource-45.3.0esr-78.1
MozillaFirefox-translations-45.3.0esr-78.1
References:
https://www.suse.com/security/cve/CVE-2016-2830.html
https://www.suse.com/security/cve/CVE-2016-2835.html
https://www.suse.com/security/cve/CVE-2016-2836.html
https://www.suse.com/security/cve/CVE-2016-2837.html
https://www.suse.com/security/cve/CVE-2016-2838.html
https://www.suse.com/security/cve/CVE-2016-2839.html
https://www.suse.com/security/cve/CVE-2016-5252.html
https://www.suse.com/security/cve/CVE-2016-5254.html
https://www.suse.com/security/cve/CVE-2016-5258.html
https://www.suse.com/security/cve/CVE-2016-5259.html
https://www.suse.com/security/cve/CVE-2016-5262.html
https://www.suse.com/security/cve/CVE-2016-5263.html
https://www.suse.com/security/cve/CVE-2016-5264.html
https://www.suse.com/security/cve/CVE-2016-5265.html
https://www.suse.com/security/cve/CVE-2016-6354.html
https://bugzilla.suse.com/989196
https://bugzilla.suse.com/990628
https://bugzilla.suse.com/990856
https://bugzilla.suse.com/991809
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2105-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 19 Aug '16
by opensuse-security@opensuse.org 19 Aug '16
19 Aug '16
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2105-1
Rating: important
References: #947337 #950998 #951844 #953048 #954847 #956491
#957990 #962742 #963655 #963762 #965087 #966245
#968667 #970114 #970506 #971770 #972933 #973378
#973499 #974165 #974308 #974620 #975531 #975533
#975772 #975788 #977417 #978401 #978469 #978822
#979074 #979213 #979419 #979485 #979489 #979521
#979548 #979681 #979867 #979879 #979922 #980348
#980363 #980371 #980856 #980883 #981038 #981143
#981344 #981597 #982282 #982354 #982544 #982698
#983143 #983213 #983318 #983721 #983904 #983977
#984148 #984456 #984755 #984764 #985232 #985978
#986362 #986365 #986569 #986572 #986573 #986811
#988215 #988498 #988552 #990058
Cross-References: CVE-2014-9904 CVE-2015-7833 CVE-2015-8551
CVE-2015-8552 CVE-2015-8845 CVE-2016-0758
CVE-2016-1583 CVE-2016-2053 CVE-2016-3672
CVE-2016-4470 CVE-2016-4482 CVE-2016-4486
CVE-2016-4565 CVE-2016-4569 CVE-2016-4578
CVE-2016-4805 CVE-2016-4997 CVE-2016-4998
CVE-2016-5244 CVE-2016-5828 CVE-2016-5829
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP1
SUSE Linux Enterprise Software Development Kit 12-SP1
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________
An update that solves 21 vulnerabilities and has 55 fixes
is now available.
Description:
The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.62 to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2014-9904: The snd_compress_check_input function in
sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel
did not properly check for an integer overflow, which allowed local
users to cause a denial of service (insufficient memory allocation) or
possibly have unspecified other impact via a crafted
SNDRV_COMPRESS_SET_PARAMS ioctl call (bnc#986811).
- CVE-2015-7833: The usbvision driver in the Linux kernel allowed
physically proximate attackers to cause a denial of service (panic) via
a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998).
- CVE-2015-8551: The PCI backend driver in Xen, when running on an x86
system and using Linux as the driver domain, allowed local guest
administrators to hit BUG conditions and cause a denial of service (NULL
pointer dereference and host OS crash) by leveraging a system with
access to a passed-through MSI or MSI-X capable physical PCI device and
a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback
missing sanity checks (bnc#957990).
- CVE-2015-8552: The PCI backend driver in Xen, when running on an x86
system and using Linux as the driver domain, allowed local guest
administrators to generate a continuous stream of WARN messages and
cause a denial of service (disk consumption) by leveraging a system with
access to a passed-through MSI or MSI-X capable physical PCI device and
XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity
checks (bnc#957990).
- CVE-2015-8845: The tm_reclaim_thread function in
arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms
did not ensure that TM suspend mode exists before proceeding with a
tm_reclaim call, which allowed local users to cause a denial of service
(TM Bad Thing exception and panic) via a crafted application
(bnc#975533).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux
kernel allowed local users to gain privileges via crafted ASN.1 data
(bnc#979867).
- CVE-2016-1583: The ecryptfs_privileged_open function in
fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain
privileges or cause a denial of service (stack memory consumption) via
vectors involving crafted mmap calls for /proc pathnames, leading to
recursive pagefault handling (bsc#983143).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in
the Linux kernel allowed attackers to cause a denial of service (panic)
via an ASN.1 BER file that lacks a public key, leading to mishandling by
the public_key_verify_signature function in
crypto/asymmetric_keys/public_key.c (bnc#963762).
- CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c
in the Linux kernel did not properly randomize the legacy base address,
which made it easier for local users to defeat the intended restrictions
on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism
for a setuid or setgid program, by disabling stack-consumption resource
limits (bnc#974308).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c
in the Linux kernel did not ensure that a certain data structure is
initialized, which allowed local users to cause a denial of service
(system crash) via vectors involving a crafted keyctl request2 command
(bnc#984755).
- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bsc#978401).
- CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory by reading a Netlink message (bnc#978822).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel
incorrectly relied on the write system call, which allowed local users
to cause a denial of service (kernel memory write operation) or possibly
have unspecified other impact via a uAPI interface (bnc#979548).
- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via crafted use of the ALSA timer interface (bsc#979213).
- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize
certain r1 data structures, which allowed local users to obtain
sensitive information from kernel stack memory via crafted use of the
ALSA timer interface, related to the (1) snd_timer_user_ccallback and
(2) snd_timer_user_tinterrupt functions (bnc#979879).
- CVE-2016-4805: Use-after-free vulnerability in
drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to
cause a denial of service (memory corruption and system crash, or
spinlock) or possibly have unspecified other impact by removing a
network namespace, related to the ppp_register_net_channel and
ppp_unregister_channel functions (bnc#980371).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation
in the netfilter subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (memory corruption) by
leveraging in-container root access to provide a crafted offset value
that triggers an unintended decrement (bsc#986362).
- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the
netfilter subsystem in the Linux kernel allowed local users to cause a
denial of service (out-of-bounds read) or possibly obtain sensitive
information from kernel heap memory by leveraging in-container root
access to provide a crafted offset value that leads to crossing a
ruleset blob boundary (bsc#986365).
- CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the
Linux kernel did not initialize a certain structure member, which
allowed remote attackers to obtain sensitive information from kernel
stack memory by reading an RDS message (bnc#983213).
- CVE-2016-5828: The start_thread function in
arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms
mishandled transactional state, which allowed local users to cause a
denial of service (invalid process state or TM Bad Thing exception, and
system crash) or possibly have unspecified other impact by starting and
suspending a transaction an exec system call (bsc#986569).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allowed local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bnc#986572).
The following non-security bugs were fixed:
- ALSA: hrtimer: Handle start/stop more properly (bsc#973378).
- Add wait_event_cmd() (bsc#953048).
- Btrfs: be more precise on errors when getting an inode from disk
(bsc#981038).
- Btrfs: do not use src fd for printk (bsc#980348).
- Btrfs: improve performance on fsync against new inode after
rename/unlink (bsc#981038).
- Btrfs: qgroup: Fix qgroup accounting when creating snapshot (bsc#972933).
- Btrfs: serialize subvolume mounts with potentially mismatching rw flags
(bsc#951844).
- Disable btrfs patch (bsc#981597)
- EDAC, sb_edac: Add support for duplicate device IDs (bsc#979521).
- EDAC, sb_edac: Fix TAD presence check for sbridge_mci_bind_devs()
(bsc#979521).
- EDAC, sb_edac: Fix rank lookup on Broadwell (bsc#979521).
- EDAC/sb_edac: Fix computation of channel address (bsc#979521).
- EDAC: Correct channel count limit (bsc#979521).
- EDAC: Remove arbitrary limit on number of channels (bsc#979521).
- EDAC: Use static attribute groups for managing sysfs entries
(bsc#979521).
- MM: increase safety margin provided by PF_LESS_THROTTLE (bsc#956491).
- PCI/AER: Clear error status registers during enumeration and restore
(bsc#985978).
- RAID5: batch adjacent full stripe write (bsc#953048).
- RAID5: check_reshape() shouldn't call mddev_suspend (bsc#953048).
- RAID5: revert e9e4c377e2f563 to fix a livelock (bsc#953048).
- Restore copying of SKBs with head exceeding page size (bsc#978469).
- SCSI: Increase REPORT_LUNS timeout (bsc#982282).
- USB: xhci: Add broken streams quirk for Frescologic device id 1009
(bnc#982698).
- Update
patches.drivers/0001-nvme-fix-max_segments-integer-truncation.patch
(bsc#979419). Fix reference.
- Update
patches.drivers/nvme-0106-init-nvme-queue-before-enabling-irq.patch
(bsc#962742). Fix incorrect bugzilla referece.
- VSOCK: Fix lockdep issue (bsc#977417).
- VSOCK: sock_put wasn't safe to call in interrupt context (bsc#977417).
- base: make module_create_drivers_dir race-free (bnc#983977).
- cdc_ncm: workaround for EM7455 "silent" data interface (bnc#988552).
- ceph: tolerate bad i_size for symlink inode (bsc#985232).
- drm/mgag200: Add support for a new G200eW3 chipset (bsc#983904).
- drm/mgag200: Add support for a new rev of G200e (bsc#983904).
- drm/mgag200: Black screen fix for G200e rev 4 (bsc#983904).
- drm/mgag200: remove unused variables (bsc#983904).
- drm: qxl: Workaround for buggy user-space (bsc#981344).
- efifb: Add support for 64-bit frame buffer addresses (bsc#973499).
- efifb: Fix 16 color palette entry calculation (bsc#983318).
- efifb: Fix KABI of screen_info struct (bsc#973499).
- ehci-pci: enable interrupt on BayTrail (bnc#947337).
- enic: set netdev->vlan_features (bsc#966245).
- fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
- hid-elo: kill not flush the work (bnc#982354).
- iommu/vt-d: Enable QI on all IOMMUs before setting root entry
(bsc#975772).
- ipvs: count pre-established TCP states as active (bsc#970114).
- kabi/severities: Added raw3270_* PASS to allow IBM LTC changes
(bnc#979922, LTC#141736)
- kabi: prevent spurious modversion changes after bsc#982544 fix
(bsc#982544).
- kvm: Guest does not show the cpu flag nonstop_tsc (bsc#971770)
- md/raid56: Do not perform reads to support writes until stripe is ready.
- md/raid5: Ensure a batch member is not handled prematurely (bsc#953048).
- md/raid5: For stripe with R5_ReadNoMerge, we replace REQ_FLUSH with
REQ_NOMERGE.
- md/raid5: add handle_flags arg to break_stripe_batch_list (bsc#953048).
- md/raid5: allow the stripe_cache to grow and shrink (bsc#953048).
- md/raid5: always set conf->prev_chunk_sectors and ->prev_algo
(bsc#953048).
- md/raid5: avoid races when changing cache size (bsc#953048).
- md/raid5: avoid reading parity blocks for full-stripe write to degraded
array (bsc#953048).
- md/raid5: be more selective about distributing flags across batch
(bsc#953048).
- md/raid5: break stripe-batches when the array has failed (bsc#953048).
- md/raid5: call break_stripe_batch_list from handle_stripe_clean_event
(bsc#953048).
- md/raid5: change ->inactive_blocked to a bit-flag (bsc#953048).
- md/raid5: clear R5_NeedReplace when no longer needed (bsc#953048).
- md/raid5: close race between STRIPE_BIT_DELAY and batching (bsc#953048).
- md/raid5: close recently introduced race in stripe_head management.
- md/raid5: consider updating reshape_position at start of reshape
(bsc#953048).
- md/raid5: deadlock between retry_aligned_read with barrier io
(bsc#953048).
- md/raid5: do not do chunk aligned read on degraded array (bsc#953048).
- md/raid5: do not index beyond end of array in need_this_block()
(bsc#953048).
- md/raid5: do not let shrink_slab shrink too far (bsc#953048).
- md/raid5: duplicate some more handle_stripe_clean_event code in
break_stripe_batch_list (bsc#953048).
- md/raid5: ensure device failure recorded before write request returns
(bsc#953048).
- md/raid5: ensure whole batch is delayed for all required bitmap updates
(bsc#953048).
- md/raid5: fix allocation of 'scribble' array (bsc#953048).
- md/raid5: fix another livelock caused by non-aligned writes (bsc#953048).
- md/raid5: fix handling of degraded stripes in batches (bsc#953048).
- md/raid5: fix init_stripe() inconsistencies (bsc#953048).
- md/raid5: fix locking in handle_stripe_clean_event() (bsc#953048).
- md/raid5: fix newly-broken locking in get_active_stripe.
- md/raid5: handle possible race as reshape completes (bsc#953048).
- md/raid5: ignore released_stripes check (bsc#953048).
- md/raid5: more incorrect BUG_ON in handle_stripe_fill (bsc#953048).
- md/raid5: move max_nr_stripes management into grow_one_stripe and
drop_one_stripe (bsc#953048).
- md/raid5: need_this_block: start simplifying the last two conditions
(bsc#953048).
- md/raid5: need_this_block: tidy/fix last condition (bsc#953048).
- md/raid5: new alloc_stripe() to allocate an initialize a stripe
(bsc#953048).
- md/raid5: pass gfp_t arg to grow_one_stripe() (bsc#953048).
- md/raid5: per hash value and exclusive wait_for_stripe (bsc#953048).
- md/raid5: preserve STRIPE_PREREAD_ACTIVE in break_stripe_batch_list.
- md/raid5: remove condition test from check_break_stripe_batch_list
(bsc#953048).
- md/raid5: remove incorrect "min_t()" when calculating writepos
(bsc#953048).
- md/raid5: remove redundant check in stripe_add_to_batch_list()
(bsc#953048).
- md/raid5: separate large if clause out of fetch_block() (bsc#953048).
- md/raid5: separate out the easy conditions in need_this_block
(bsc#953048).
- md/raid5: split wait_for_stripe and introduce wait_for_quiescent
(bsc#953048).
- md/raid5: strengthen check on reshape_position at run (bsc#953048).
- md/raid5: switch to use conf->chunk_sectors in place of
mddev->chunk_sectors where possible (bsc#953048).
- md/raid5: use ->lock to protect accessing raid5 sysfs attributes
(bsc#953048).
- md/raid5: use bio_list for the list of bios to return (bsc#953048).
- md: be careful when testing resync_max against curr_resync_completed
(bsc#953048).
- md: do_release_stripe(): No need to call md_wakeup_thread() twice
(bsc#953048).
- md: make sure MD_RECOVERY_DONE is clear before starting recovery/resync
(bsc#953048).
- md: remove unwanted white space from md.c (bsc#953048).
- md: use set_bit/clear_bit instead of shift/mask for bi_flags changes
(bsc#953048).
- mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721).
- net/qlge: Avoids recursive EEH error (bsc#954847).
- net: Account for all vlan headers in skb_mac_gso_segment (bsc#968667).
- net: Start with correct mac_len in skb_network_protocol (bsc#968667).
- net: disable fragment reassembly if high_thresh is set to zero
(bsc#970506).
- net: fix wrong mac_len calculation for vlans (bsc#968667).
- netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in
br_validate_ipv6 (bsc#982544).
- netfilter: bridge: do not leak skb in error paths (bsc#982544).
- netfilter: bridge: forward IPv6 fragmented packets (bsc#982544).
- nvme: don't poll the CQ from the kthread (bsc#975788, bsc#965087).
- perf/rapl: Fix sysfs_show() initialization for RAPL PMU (bsc#979489).
- perf/x86/intel: Add Intel RAPL PP1 energy counter support (bsc#979489).
- ppp: defer netns reference release for ppp channel (bsc#980371).
- qeth: delete napi struct when removing a qeth device (bnc#988215,
LTC#143590).
- raid5: Retry R5_ReadNoMerge flag when hit a read error.
- raid5: add a new flag to track if a stripe can be batched (bsc#953048).
- raid5: add an option to avoid copy data from bio to stripe cache
(bsc#953048).
- raid5: avoid release list until last reference of the stripe
(bsc#953048).
- raid5: check faulty flag for array status during recovery (bsc#953048).
- raid5: fix a race of stripe count check.
- raid5: fix broken async operation chain (bsc#953048).
- raid5: get_active_stripe avoids device_lock.
- raid5: handle expansion/resync case with stripe batching (bsc#953048).
- raid5: handle io error of batch list (bsc#953048).
- raid5: make_request does less prepare wait.
- raid5: relieve lock contention in get_active_stripe().
- raid5: relieve lock contention in get_active_stripe().
- raid5: speedup sync_request processing (bsc#953048).
- raid5: track overwrite disk count (bsc#953048).
- raid5: update analysis state for failed stripe (bsc#953048).
- raid5: use flex_array for scribble data (bsc#953048).
- s390/3270: add missing tty_kref_put (bnc#979922, LTC#141736).
- s390/3270: avoid endless I/O loop with disconnected 3270 terminals
(bnc#979922, LTC#141736).
- s390/3270: fix garbled output on 3270 tty view (bnc#979922, LTC#141736).
- s390/3270: fix view reference counting (bnc#979922, LTC#141736).
- s390/3270: handle reconnect of a tty with a different size (bnc#979922,
LTC#141736).
- s390/3270: hangup the 3270 tty after a disconnect (bnc#979922,
LTC#141736).
- s390/mm: fix asce_bits handling with dynamic pagetable levels
(bnc#979922, LTC#141456).
- s390/spinlock: avoid yield to non existent cpu (bnc#979922, LTC#141106).
- s390: fix test_fp_ctl inline assembly contraints (bnc#988215,
LTC#143138).
- sb_edac: Fix a typo and a thinko in address handling for Haswell
(bsc#979521).
- sb_edac: Fix support for systems with two home agents per socket
(bsc#979521).
- sb_edac: correctly fetch DIMM width on Ivy Bridge and Haswell
(bsc#979521).
- sb_edac: look harder for DDRIO on Haswell systems (bsc#979521).
- sb_edac: support for Broadwell -EP and -EX (bsc#979521).
- sched/cputime: Fix clock_nanosleep()/clock_gettime() inconsistency
(bnc#988498).
- sched/cputime: Fix cpu_timer_sample_group() double accounting
(bnc#988498).
- sched/x86: Fix up typo in topology detection (bsc#974165).
- sched: Provide update_curr callbacks for stop/idle scheduling classes
(bnc#988498).
- target/rbd: do not put snap_context twice (bsc#981143).
- target/rbd: remove caw_mutex usage (bsc#981143).
- usb: quirk to stop runtime PM for Intel 7260 (bnc#984456).
- wait: introduce wait_event_exclusive_cmd (bsc#953048).
- x86 EDAC, sb_edac.c: Repair damage introduced when "fixing" channel
address (bsc#979521).
- x86 EDAC, sb_edac.c: Take account of channel hashing when needed
(bsc#979521).
- x86, sched: Add new topology for multi-NUMA-node CPUs (bsc#974165).
- x86/efi: parse_efi_setup() build fix (bsc#979485).
- x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
- x86: Removed the free memblock of hibernat keys to avoid memory
corruption (bsc#990058).
- x86: standardize mmap_rnd() usage (bnc#974308).
- xfs: fix premature enospc on inode allocation (bsc#984148).
- xfs: get rid of XFS_IALLOC_BLOCKS macros (bsc#984148).
- xfs: get rid of XFS_INODE_CLUSTER_SIZE macros (bsc#984148).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP1:
zypper in -t patch SUSE-SLE-WE-12-SP1-2016-1246=1
- SUSE Linux Enterprise Software Development Kit 12-SP1:
zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1246=1
- SUSE Linux Enterprise Server 12-SP1:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1246=1
- SUSE Linux Enterprise Module for Public Cloud 12:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-1246=1
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1246=1
- SUSE Linux Enterprise Desktop 12-SP1:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1246=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64):
kernel-default-debuginfo-3.12.62-60.62.1
kernel-default-debugsource-3.12.62-60.62.1
kernel-default-extra-3.12.62-60.62.1
kernel-default-extra-debuginfo-3.12.62-60.62.1
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
kernel-obs-build-3.12.62-60.62.1
kernel-obs-build-debugsource-3.12.62-60.62.1
- SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch):
kernel-docs-3.12.62-60.62.3
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
kernel-default-3.12.62-60.62.1
kernel-default-base-3.12.62-60.62.1
kernel-default-base-debuginfo-3.12.62-60.62.1
kernel-default-debuginfo-3.12.62-60.62.1
kernel-default-debugsource-3.12.62-60.62.1
kernel-default-devel-3.12.62-60.62.1
kernel-syms-3.12.62-60.62.1
- SUSE Linux Enterprise Server 12-SP1 (noarch):
kernel-devel-3.12.62-60.62.1
kernel-macros-3.12.62-60.62.1
kernel-source-3.12.62-60.62.1
- SUSE Linux Enterprise Server 12-SP1 (x86_64):
kernel-xen-3.12.62-60.62.1
kernel-xen-base-3.12.62-60.62.1
kernel-xen-base-debuginfo-3.12.62-60.62.1
kernel-xen-debuginfo-3.12.62-60.62.1
kernel-xen-debugsource-3.12.62-60.62.1
kernel-xen-devel-3.12.62-60.62.1
- SUSE Linux Enterprise Server 12-SP1 (s390x):
kernel-default-man-3.12.62-60.62.1
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
kernel-ec2-3.12.62-60.62.1
kernel-ec2-debuginfo-3.12.62-60.62.1
kernel-ec2-debugsource-3.12.62-60.62.1
kernel-ec2-devel-3.12.62-60.62.1
kernel-ec2-extra-3.12.62-60.62.1
kernel-ec2-extra-debuginfo-3.12.62-60.62.1
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_62-60_62-default-1-4.2
kgraft-patch-3_12_62-60_62-xen-1-4.2
- SUSE Linux Enterprise Desktop 12-SP1 (noarch):
kernel-devel-3.12.62-60.62.1
kernel-macros-3.12.62-60.62.1
kernel-source-3.12.62-60.62.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
kernel-default-3.12.62-60.62.1
kernel-default-debuginfo-3.12.62-60.62.1
kernel-default-debugsource-3.12.62-60.62.1
kernel-default-devel-3.12.62-60.62.1
kernel-default-extra-3.12.62-60.62.1
kernel-default-extra-debuginfo-3.12.62-60.62.1
kernel-syms-3.12.62-60.62.1
kernel-xen-3.12.62-60.62.1
kernel-xen-debuginfo-3.12.62-60.62.1
kernel-xen-debugsource-3.12.62-60.62.1
kernel-xen-devel-3.12.62-60.62.1
References:
https://www.suse.com/security/cve/CVE-2014-9904.html
https://www.suse.com/security/cve/CVE-2015-7833.html
https://www.suse.com/security/cve/CVE-2015-8551.html
https://www.suse.com/security/cve/CVE-2015-8552.html
https://www.suse.com/security/cve/CVE-2015-8845.html
https://www.suse.com/security/cve/CVE-2016-0758.html
https://www.suse.com/security/cve/CVE-2016-1583.html
https://www.suse.com/security/cve/CVE-2016-2053.html
https://www.suse.com/security/cve/CVE-2016-3672.html
https://www.suse.com/security/cve/CVE-2016-4470.html
https://www.suse.com/security/cve/CVE-2016-4482.html
https://www.suse.com/security/cve/CVE-2016-4486.html
https://www.suse.com/security/cve/CVE-2016-4565.html
https://www.suse.com/security/cve/CVE-2016-4569.html
https://www.suse.com/security/cve/CVE-2016-4578.html
https://www.suse.com/security/cve/CVE-2016-4805.html
https://www.suse.com/security/cve/CVE-2016-4997.html
https://www.suse.com/security/cve/CVE-2016-4998.html
https://www.suse.com/security/cve/CVE-2016-5244.html
https://www.suse.com/security/cve/CVE-2016-5828.html
https://www.suse.com/security/cve/CVE-2016-5829.html
https://bugzilla.suse.com/947337
https://bugzilla.suse.com/950998
https://bugzilla.suse.com/951844
https://bugzilla.suse.com/953048
https://bugzilla.suse.com/954847
https://bugzilla.suse.com/956491
https://bugzilla.suse.com/957990
https://bugzilla.suse.com/962742
https://bugzilla.suse.com/963655
https://bugzilla.suse.com/963762
https://bugzilla.suse.com/965087
https://bugzilla.suse.com/966245
https://bugzilla.suse.com/968667
https://bugzilla.suse.com/970114
https://bugzilla.suse.com/970506
https://bugzilla.suse.com/971770
https://bugzilla.suse.com/972933
https://bugzilla.suse.com/973378
https://bugzilla.suse.com/973499
https://bugzilla.suse.com/974165
https://bugzilla.suse.com/974308
https://bugzilla.suse.com/974620
https://bugzilla.suse.com/975531
https://bugzilla.suse.com/975533
https://bugzilla.suse.com/975772
https://bugzilla.suse.com/975788
https://bugzilla.suse.com/977417
https://bugzilla.suse.com/978401
https://bugzilla.suse.com/978469
https://bugzilla.suse.com/978822
https://bugzilla.suse.com/979074
https://bugzilla.suse.com/979213
https://bugzilla.suse.com/979419
https://bugzilla.suse.com/979485
https://bugzilla.suse.com/979489
https://bugzilla.suse.com/979521
https://bugzilla.suse.com/979548
https://bugzilla.suse.com/979681
https://bugzilla.suse.com/979867
https://bugzilla.suse.com/979879
https://bugzilla.suse.com/979922
https://bugzilla.suse.com/980348
https://bugzilla.suse.com/980363
https://bugzilla.suse.com/980371
https://bugzilla.suse.com/980856
https://bugzilla.suse.com/980883
https://bugzilla.suse.com/981038
https://bugzilla.suse.com/981143
https://bugzilla.suse.com/981344
https://bugzilla.suse.com/981597
https://bugzilla.suse.com/982282
https://bugzilla.suse.com/982354
https://bugzilla.suse.com/982544
https://bugzilla.suse.com/982698
https://bugzilla.suse.com/983143
https://bugzilla.suse.com/983213
https://bugzilla.suse.com/983318
https://bugzilla.suse.com/983721
https://bugzilla.suse.com/983904
https://bugzilla.suse.com/983977
https://bugzilla.suse.com/984148
https://bugzilla.suse.com/984456
https://bugzilla.suse.com/984755
https://bugzilla.suse.com/984764
https://bugzilla.suse.com/985232
https://bugzilla.suse.com/985978
https://bugzilla.suse.com/986362
https://bugzilla.suse.com/986365
https://bugzilla.suse.com/986569
https://bugzilla.suse.com/986572
https://bugzilla.suse.com/986573
https://bugzilla.suse.com/986811
https://bugzilla.suse.com/988215
https://bugzilla.suse.com/988498
https://bugzilla.suse.com/988552
https://bugzilla.suse.com/990058
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2100-1: important: Security update for xen
by opensuse-security@opensuse.org 18 Aug '16
by opensuse-security@opensuse.org 18 Aug '16
18 Aug '16
SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2100-1
Rating: important
References: #954872 #955399 #957986 #958848 #961600 #963161
#964427 #967630 #973188 #974038 #974912 #975130
#975138 #975907 #976058 #976111 #978164 #978295
#978413 #979035 #979620 #979670 #980716 #980724
#981264 #981276 #982024 #982025 #982026 #982224
#982225 #982286 #982695 #982960 #983973 #983984
#985503 #986586 #988675 #989235 #990843 #990923
Cross-References: CVE-2014-3672 CVE-2016-3158 CVE-2016-3159
CVE-2016-3710 CVE-2016-3960 CVE-2016-4001
CVE-2016-4002 CVE-2016-4020 CVE-2016-4037
CVE-2016-4439 CVE-2016-4441 CVE-2016-4453
CVE-2016-4454 CVE-2016-4952 CVE-2016-4962
CVE-2016-4963 CVE-2016-5105 CVE-2016-5106
CVE-2016-5107 CVE-2016-5126 CVE-2016-5238
CVE-2016-5337 CVE-2016-5338 CVE-2016-5403
CVE-2016-6258 CVE-2016-6351
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that solves 26 vulnerabilities and has 16 fixes
is now available.
Description:
This update for xen fixes the several issues.
These security issues were fixed:
- CVE-2014-3672: The qemu implementation in libvirt Xen allowed local
guest OS users to cause a denial of service (host disk consumption) by
writing to stdout or stderr (bsc#981264).
- CVE-2016-3158: The xrstor function did not properly handle writes to the
hardware FSW.ES bit when running on AMD64 processors, which allowed
local guest OS users to obtain sensitive register content information
from another guest by leveraging pending exception and mask bits
(bsc#973188).
- CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387.c did not
properly handle writes to the hardware FSW.ES bit when running on AMD64
processors, which allowed local guest OS users to obtain sensitive
register content information from another guest by leveraging pending
exception and mask bits (bsc#973188).
- CVE-2016-3710: The VGA module improperly performed bounds checking on
banked access to video memory, which allowed local guest OS
administrators to execute arbitrary code on the host by changing access
modes after setting the bank register, aka the "Dark Portal" issue
(bsc#978164).
- CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed
local guest OS users to cause a denial of service (host crash) or
possibly gain privileges by shadowing a superpage mapping (bsc#974038).
- CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function,
when the Stellaris ethernet controller is configured to accept large
packets, allowed remote attackers to cause a denial of service (QEMU
crash) via a large packet (bsc#975130).
- CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the
guest NIC is configured to accept large packets, allowed remote
attackers to cause a denial of service (memory corruption and QEMU
crash) or possibly execute arbitrary code via a packet larger than 1514
bytes (bsc#975138).
- CVE-2016-4020: The patch_instruction function did not initialize the
imm32 variable, which allowed local guest OS administrators to obtain
sensitive information from host stack memory by accessing the Task
Priority Register (TPR) (bsc#975907).
- CVE-2016-4037: The ehci_advance_state function in hw/usb/hcd-ehci.c
allowed local guest OS administrators to cause a denial of service
(infinite loop and CPU consumption) via a circular split isochronous
transfer descriptor (siTD) list (bsc#976111).
- CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI
Controller (FSC) support did not properly check command buffer length,
which allowed local guest OS administrators to cause a denial of service
(out-of-bounds write and QEMU process crash) or potentially execute
arbitrary code on the host via unspecified vectors (bsc#980716).
- CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller
(FSC) support did not properly check DMA length, which allowed local
guest OS administrators to cause a denial of service (out-of-bounds
write and QEMU process crash) via unspecified vectors, involving an SCSI
command (bsc#980724).
- CVE-2016-4453: The vmsvga_fifo_run function allowed local guest OS
administrators to cause a denial of service (infinite loop and QEMU
process crash) via a VGA command (bsc#982225).
- CVE-2016-4454: The vmsvga_fifo_read_raw function allowed local guest OS
administrators to obtain sensitive host memory information or cause a
denial of service (QEMU process crash) by changing FIFO registers and
issuing a VGA command, which triggered an out-of-bounds read
(bsc#982224).
- CVE-2016-4952: Out-of-bounds access issue in pvsci_ring_init_msg/data
routines (bsc#981276).
- CVE-2016-4962: The libxl device-handling allowed local OS guest
administrators to cause a denial of service (resource consumption or
management facility confusion) or gain host OS privileges by
manipulating information in guest controlled areas of xenstore
(bsc#979620).
- CVE-2016-4963: The libxl device-handling allowed local guest OS users
with access to the driver domain to cause a denial of service
(management tool confusion) by manipulating information in the backend
directories in xenstore (bsc#979670).
- CVE-2016-5105: Stack information leakage while reading configuration
(bsc#982024).
- CVE-2016-5106: Out-of-bounds write while setting controller properties
(bsc#982025).
- CVE-2016-5107: Out-of-bounds read in megasas_lookup_frame() function
(bsc#982026).
- CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl
function allowed local guest OS users to cause a denial of service (QEMU
process crash) or possibly execute arbitrary code via a crafted iSCSI
asynchronous I/O ioctl call (bsc#982286).
- CVE-2016-5238: The get_cmd function in hw/scsi/esp.c might have allowed
local guest OS administrators to cause a denial of service
(out-of-bounds write and QEMU process crash) via vectors related to
reading from the information transfer buffer in non-DMA mode
(bsc#982960).
- CVE-2016-5337: The megasas_ctrl_get_info function allowed local guest OS
administrators to obtain sensitive host memory information via vectors
related to reading device control information (bsc#983973).
- CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions
allowed local guest OS administrators to cause a denial of service (QEMU
process crash) or execute arbitrary code on the host via vectors related
to the information transfer buffer (bsc#983984).
- CVE-2016-6258: Potential privilege escalation in PV guests (XSA-182)
(bsc#988675).
- bsc#978295: x86 software guest page walk PS bit handling flaw (XSA-176)
- CVE-2016-5403: virtio: unbounded memory allocation on host via guest
leading to DoS (XSA-184) (bsc#990923)
- CVE-2016-6351: scsi: esp: OOB write access in esp_do_dma (bsc#990843)
These non-security issues were fixed:
- bsc#954872: Script block-dmmd not working as expected - libxl: error:
libxl_dm.c
- bsc#957986: Indirect descriptors are not compatible with Amazon block
backend
- bsc#958848: HVM guest crash at
/usr/src/packages/BUILD/xen-4.4.2-testing/obj/default/balloon/balloon.c:407
- bsc#961600: Poor performance when Xen HVM domU configured with max
memory greater than current memory
- bsc#963161: Windows VM getting stuck during load while a VF is assigned
to it after upgrading to latest maintenance updates
- bsc#964427: Discarding device blocks: failed - Input/output error
- bsc#976058: Xen error running simple HVM guest (Post Alpha 2 xen+qemu)
- bsc#982695: qemu fails to boot HVM guest from xvda
- bsc#986586: Out of memory (oom) during boot on "modprobe xenblk" (non
xen kernel)
- bsc#967630: Discrepancy in reported memory size with correction XSA-153
for xend. Additional memory adjustment made.
- bsc#974912: Persistent performance drop after live-migration using xend
tool stack
- bsc#979035: Restore xm migrate fixes for bsc#955399/ bsc#955399
- bsc#989235: xen dom0 xm create command only searched /etc/xen instead of
/etc/xen/vm
- Live Migration SLES 11 SP3 to SP4 on AMD: "xc: error: Couldn't set
extended vcpu0 info"
- bsc#985503: Fixed vif-route
- bsc#978413: PV guest upgrade from SLES11 SP4 to SLES 12 SP2 alpha3 failed
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-xen-12702=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-xen-12702=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-xen-12702=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64):
xen-devel-4.4.4_07-37.1
- SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):
xen-kmp-default-4.4.4_07_3.0.101_77-37.1
xen-libs-4.4.4_07-37.1
xen-tools-domU-4.4.4_07-37.1
- SUSE Linux Enterprise Server 11-SP4 (x86_64):
xen-4.4.4_07-37.1
xen-doc-html-4.4.4_07-37.1
xen-libs-32bit-4.4.4_07-37.1
xen-tools-4.4.4_07-37.1
- SUSE Linux Enterprise Server 11-SP4 (i586):
xen-kmp-pae-4.4.4_07_3.0.101_77-37.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):
xen-debuginfo-4.4.4_07-37.1
xen-debugsource-4.4.4_07-37.1
References:
https://www.suse.com/security/cve/CVE-2014-3672.html
https://www.suse.com/security/cve/CVE-2016-3158.html
https://www.suse.com/security/cve/CVE-2016-3159.html
https://www.suse.com/security/cve/CVE-2016-3710.html
https://www.suse.com/security/cve/CVE-2016-3960.html
https://www.suse.com/security/cve/CVE-2016-4001.html
https://www.suse.com/security/cve/CVE-2016-4002.html
https://www.suse.com/security/cve/CVE-2016-4020.html
https://www.suse.com/security/cve/CVE-2016-4037.html
https://www.suse.com/security/cve/CVE-2016-4439.html
https://www.suse.com/security/cve/CVE-2016-4441.html
https://www.suse.com/security/cve/CVE-2016-4453.html
https://www.suse.com/security/cve/CVE-2016-4454.html
https://www.suse.com/security/cve/CVE-2016-4952.html
https://www.suse.com/security/cve/CVE-2016-4962.html
https://www.suse.com/security/cve/CVE-2016-4963.html
https://www.suse.com/security/cve/CVE-2016-5105.html
https://www.suse.com/security/cve/CVE-2016-5106.html
https://www.suse.com/security/cve/CVE-2016-5107.html
https://www.suse.com/security/cve/CVE-2016-5126.html
https://www.suse.com/security/cve/CVE-2016-5238.html
https://www.suse.com/security/cve/CVE-2016-5337.html
https://www.suse.com/security/cve/CVE-2016-5338.html
https://www.suse.com/security/cve/CVE-2016-5403.html
https://www.suse.com/security/cve/CVE-2016-6258.html
https://www.suse.com/security/cve/CVE-2016-6351.html
https://bugzilla.suse.com/954872
https://bugzilla.suse.com/955399
https://bugzilla.suse.com/957986
https://bugzilla.suse.com/958848
https://bugzilla.suse.com/961600
https://bugzilla.suse.com/963161
https://bugzilla.suse.com/964427
https://bugzilla.suse.com/967630
https://bugzilla.suse.com/973188
https://bugzilla.suse.com/974038
https://bugzilla.suse.com/974912
https://bugzilla.suse.com/975130
https://bugzilla.suse.com/975138
https://bugzilla.suse.com/975907
https://bugzilla.suse.com/976058
https://bugzilla.suse.com/976111
https://bugzilla.suse.com/978164
https://bugzilla.suse.com/978295
https://bugzilla.suse.com/978413
https://bugzilla.suse.com/979035
https://bugzilla.suse.com/979620
https://bugzilla.suse.com/979670
https://bugzilla.suse.com/980716
https://bugzilla.suse.com/980724
https://bugzilla.suse.com/981264
https://bugzilla.suse.com/981276
https://bugzilla.suse.com/982024
https://bugzilla.suse.com/982025
https://bugzilla.suse.com/982026
https://bugzilla.suse.com/982224
https://bugzilla.suse.com/982225
https://bugzilla.suse.com/982286
https://bugzilla.suse.com/982695
https://bugzilla.suse.com/982960
https://bugzilla.suse.com/983973
https://bugzilla.suse.com/983984
https://bugzilla.suse.com/985503
https://bugzilla.suse.com/986586
https://bugzilla.suse.com/988675
https://bugzilla.suse.com/989235
https://bugzilla.suse.com/990843
https://bugzilla.suse.com/990923
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2094-1: important: Security update for yast2-ntp-client
by opensuse-security@opensuse.org 17 Aug '16
by opensuse-security@opensuse.org 17 Aug '16
17 Aug '16
SUSE Security Update: Security update for yast2-ntp-client
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2094-1
Rating: important
References: #985065
Cross-References: CVE-2015-1798 CVE-2015-1799 CVE-2015-5194
CVE-2015-5300 CVE-2015-7691 CVE-2015-7692
CVE-2015-7701 CVE-2015-7702 CVE-2015-7703
CVE-2015-7704 CVE-2015-7705 CVE-2015-7848
CVE-2015-7849 CVE-2015-7850 CVE-2015-7851
CVE-2015-7852 CVE-2015-7853 CVE-2015-7854
CVE-2015-7855 CVE-2015-7871 CVE-2015-7973
CVE-2015-7974 CVE-2015-7975 CVE-2015-7976
CVE-2015-7977 CVE-2015-7978 CVE-2015-7979
CVE-2015-8138 CVE-2015-8158 CVE-2016-1547
CVE-2016-1548 CVE-2016-1549 CVE-2016-1550
CVE-2016-1551 CVE-2016-2516 CVE-2016-2517
CVE-2016-2518 CVE-2016-2519 CVE-2016-4953
CVE-2016-4954 CVE-2016-4955 CVE-2016-4956
CVE-2016-4957
Affected Products:
SUSE Linux Enterprise Server 10 SP4 LTSS
______________________________________________________________________________
An update that fixes 43 vulnerabilities is now available.
It includes one version update.
Description:
The YaST2 NTP Client was updated to handle the presence of both xntp and
ntp packages.
If none are installed, "ntp" will be installed.
Security Issues:
* CVE-2016-4953
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953>
* CVE-2016-4954
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4954>
* CVE-2016-4955
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955>
* CVE-2016-4956
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956>
* CVE-2016-4957
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4957>
* CVE-2016-1547
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1547>
* CVE-2016-1548
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1548>
* CVE-2016-1549
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549>
* CVE-2016-1550
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1550>
* CVE-2016-1551
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1551>
* CVE-2016-2516
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2516>
* CVE-2016-2517
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2517>
* CVE-2016-2518
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2518>
* CVE-2016-2519
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2519>
* CVE-2015-8158
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8158>
* CVE-2015-8138
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138>
* CVE-2015-7979
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7979>
* CVE-2015-7978
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7978>
* CVE-2015-7977
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7977>
* CVE-2015-7976
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7976>
* CVE-2015-7975
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7975>
* CVE-2015-7974
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7974>
* CVE-2015-7973
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7973>
* CVE-2015-5300
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5300>
* CVE-2015-5194
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5194>
* CVE-2015-7871
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871>
* CVE-2015-7855
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855>
* CVE-2015-7854
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854>
* CVE-2015-7853
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853>
* CVE-2015-7852
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852>
* CVE-2015-7851
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851>
* CVE-2015-7850
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850>
* CVE-2015-7849
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849>
* CVE-2015-7848
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848>
* CVE-2015-7701
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701>
* CVE-2015-7703
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7703>
* CVE-2015-7704
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704>
* CVE-2015-7705
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705>
* CVE-2015-7691
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691>
* CVE-2015-7692
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692>
* CVE-2015-7702
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702>
* CVE-2015-1798
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798>
* CVE-2015-1799
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799>
Package List:
- SUSE Linux Enterprise Server 10 SP4 LTSS (noarch) [New Version: 2.13.18]:
yast2-ntp-client-2.13.18-0.20.1
References:
https://www.suse.com/security/cve/CVE-2015-1798.html
https://www.suse.com/security/cve/CVE-2015-1799.html
https://www.suse.com/security/cve/CVE-2015-5194.html
https://www.suse.com/security/cve/CVE-2015-5300.html
https://www.suse.com/security/cve/CVE-2015-7691.html
https://www.suse.com/security/cve/CVE-2015-7692.html
https://www.suse.com/security/cve/CVE-2015-7701.html
https://www.suse.com/security/cve/CVE-2015-7702.html
https://www.suse.com/security/cve/CVE-2015-7703.html
https://www.suse.com/security/cve/CVE-2015-7704.html
https://www.suse.com/security/cve/CVE-2015-7705.html
https://www.suse.com/security/cve/CVE-2015-7848.html
https://www.suse.com/security/cve/CVE-2015-7849.html
https://www.suse.com/security/cve/CVE-2015-7850.html
https://www.suse.com/security/cve/CVE-2015-7851.html
https://www.suse.com/security/cve/CVE-2015-7852.html
https://www.suse.com/security/cve/CVE-2015-7853.html
https://www.suse.com/security/cve/CVE-2015-7854.html
https://www.suse.com/security/cve/CVE-2015-7855.html
https://www.suse.com/security/cve/CVE-2015-7871.html
https://www.suse.com/security/cve/CVE-2015-7973.html
https://www.suse.com/security/cve/CVE-2015-7974.html
https://www.suse.com/security/cve/CVE-2015-7975.html
https://www.suse.com/security/cve/CVE-2015-7976.html
https://www.suse.com/security/cve/CVE-2015-7977.html
https://www.suse.com/security/cve/CVE-2015-7978.html
https://www.suse.com/security/cve/CVE-2015-7979.html
https://www.suse.com/security/cve/CVE-2015-8138.html
https://www.suse.com/security/cve/CVE-2015-8158.html
https://www.suse.com/security/cve/CVE-2016-1547.html
https://www.suse.com/security/cve/CVE-2016-1548.html
https://www.suse.com/security/cve/CVE-2016-1549.html
https://www.suse.com/security/cve/CVE-2016-1550.html
https://www.suse.com/security/cve/CVE-2016-1551.html
https://www.suse.com/security/cve/CVE-2016-2516.html
https://www.suse.com/security/cve/CVE-2016-2517.html
https://www.suse.com/security/cve/CVE-2016-2518.html
https://www.suse.com/security/cve/CVE-2016-2519.html
https://www.suse.com/security/cve/CVE-2016-4953.html
https://www.suse.com/security/cve/CVE-2016-4954.html
https://www.suse.com/security/cve/CVE-2016-4955.html
https://www.suse.com/security/cve/CVE-2016-4956.html
https://www.suse.com/security/cve/CVE-2016-4957.html
https://bugzilla.suse.com/985065
https://download.suse.com/patch/finder/?keywords=005fabcea379ebb53725d3077b…
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2093-1: important: Security update for xen
by opensuse-security@opensuse.org 17 Aug '16
by opensuse-security@opensuse.org 17 Aug '16
17 Aug '16
SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2093-1
Rating: important
References: #900418 #949889 #953339 #953362 #953518 #954872
#957986 #958848 #961600 #963161 #964427 #973188
#973631 #974038 #975130 #975138 #975907 #976058
#976111 #978164 #978295 #978413 #979620 #979670
#980716 #980724 #981264 #981276 #982024 #982025
#982026 #982224 #982225 #982286 #982695 #982960
#983973 #983984 #984981 #985503 #986586 #988675
#988676 #990843 #990923
Cross-References: CVE-2014-3672 CVE-2016-3158 CVE-2016-3159
CVE-2016-3710 CVE-2016-3960 CVE-2016-4001
CVE-2016-4002 CVE-2016-4020 CVE-2016-4037
CVE-2016-4439 CVE-2016-4441 CVE-2016-4453
CVE-2016-4454 CVE-2016-4952 CVE-2016-4962
CVE-2016-4963 CVE-2016-5105 CVE-2016-5106
CVE-2016-5107 CVE-2016-5126 CVE-2016-5238
CVE-2016-5337 CVE-2016-5338 CVE-2016-5403
CVE-2016-6258 CVE-2016-6259 CVE-2016-6351
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP1
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________
An update that solves 27 vulnerabilities and has 18 fixes
is now available.
Description:
This update for xen to version 4.5.3 fixes the several issues.
These security issues were fixed:
- CVE-2016-6258: Potential privilege escalation in PV guests (XSA-182)
(bsc#988675).
- CVE-2016-6259: Missing SMAP whitelisting in 32-bit exception / event
delivery (XSA-183) (bsc#988676).
- CVE-2016-5337: The megasas_ctrl_get_info function allowed local guest OS
administrators to obtain sensitive host memory information via vectors
related to reading device control information (bsc#983973).
- CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions
allowed local guest OS administrators to cause a denial of service (QEMU
process crash) or execute arbitrary code on the host via vectors related
to the information transfer buffer (bsc#983984).
- CVE-2016-5238: The get_cmd function in hw/scsi/esp.c might have allowed
local guest OS administrators to cause a denial of service
(out-of-bounds write and QEMU process crash) via vectors related to
reading from the information transfer buffer in non-DMA mode
(bsc#982960).
- CVE-2016-4453: The vmsvga_fifo_run function allowed local guest OS
administrators to cause a denial of service (infinite loop and QEMU
process crash) via a VGA command (bsc#982225).
- CVE-2016-4454: The vmsvga_fifo_read_raw function allowed local guest OS
administrators to obtain sensitive host memory information or cause a
denial of service (QEMU process crash) by changing FIFO registers and
issuing a VGA command, which triggered an out-of-bounds read
(bsc#982224).
- CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl
function allowed local guest OS users to cause a denial of service (QEMU
process crash) or possibly execute arbitrary code via a crafted iSCSI
asynchronous I/O ioctl call (bsc#982286).
- CVE-2016-5105: Stack information leakage while reading configuration
(bsc#982024).
- CVE-2016-5106: Out-of-bounds write while setting controller properties
(bsc#982025).
- CVE-2016-5107: Out-of-bounds read in megasas_lookup_frame() function
(bsc#982026).
- CVE-2016-4963: The libxl device-handling allowed local guest OS users
with access to the driver domain to cause a denial of service
(management tool confusion) by manipulating information in the backend
directories in xenstore (bsc#979670).
- CVE-2016-4962: The libxl device-handling allowed local OS guest
administrators to cause a denial of service (resource consumption or
management facility confusion) or gain host OS privileges by
manipulating information in guest controlled areas of xenstore
(bsc#979620).
- CVE-2016-4952: Out-of-bounds access issue in pvsci_ring_init_msg/data
routines (bsc#981276).
- CVE-2014-3672: The qemu implementation in libvirt Xen allowed local
guest OS users to cause a denial of service (host disk consumption) by
writing to stdout or stderr (bsc#981264).
- CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller
(FSC) support did not properly check DMA length, which allowed local
guest OS administrators to cause a denial of service (out-of-bounds
write and QEMU process crash) via unspecified vectors, involving an SCSI
command (bsc#980724).
- CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI
Controller (FSC) support did not properly check command buffer length,
which allowed local guest OS administrators to cause a denial of service
(out-of-bounds write and QEMU process crash) or potentially execute
arbitrary code on the host via unspecified vectors (bsc#980716).
- CVE-2016-3710: The VGA module improperly performed bounds checking on
banked access to video memory, which allowed local guest OS
administrators to execute arbitrary code on the host by changing access
modes after setting the bank register, aka the "Dark Portal" issue
(bsc#978164).
- CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed
local guest OS users to cause a denial of service (host crash) or
possibly gain privileges by shadowing a superpage mapping (bsc#974038).
- CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387.c did not
properly handle writes to the hardware FSW.ES bit when running on AMD64
processors, which allowed local guest OS users to obtain sensitive
register content information from another guest by leveraging pending
exception and mask bits (bsc#973188).
- CVE-2016-3158: The xrstor function did not properly handle writes to the
hardware FSW.ES bit when running on AMD64 processors, which allowed
local guest OS users to obtain sensitive register content information
from another guest by leveraging pending exception and mask bits
(bsc#973188).
- CVE-2016-4037: The ehci_advance_state function in hw/usb/hcd-ehci.c
allowed local guest OS administrators to cause a denial of service
(infinite loop and CPU consumption) via a circular split isochronous
transfer descriptor (siTD) list (bsc#976111).
- CVE-2016-4020: The patch_instruction function did not initialize the
imm32 variable, which allowed local guest OS administrators to obtain
sensitive information from host stack memory by accessing the Task
Priority Register (TPR) (bsc#975907).
- CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function,
when the Stellaris ethernet controller is configured to accept large
packets, allowed remote attackers to cause a denial of service (QEMU
crash) via a large packet (bsc#975130).
- CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the
guest NIC is configured to accept large packets, allowed remote
attackers to cause a denial of service (memory corruption and QEMU
crash) or possibly execute arbitrary code via a packet larger than 1514
bytes (bsc#975138).
- bsc#978295: x86 software guest page walk PS bit handling flaw (XSA-176)
- CVE-2016-5403: virtio: unbounded memory allocation on host via guest
leading to DoS (XSA-184) (bsc#990923)
- CVE-2016-6351: scsi: esp: OOB write access in esp_do_dma (bsc#990843)
These non-security issues were fixed:
- bsc#986586: Out of memory (oom) during boot on "modprobe xenblk" (non
xen kernel)
- bsc#900418: Dump cannot be performed on SLES12 XEN
- bsc#953339: Implement SUSE specific unplug protocol for emulated PCI
devices in PVonHVM guests to qemu-xen-upstream
- bsc#953362: Implement SUSE specific unplug protocol for emulated PCI
devices in PVonHVM guests to qemu-xen-upstream
- bsc#953518: Implement SUSE specific unplug protocol for emulated PCI
devices in PVonHVM guests to qemu-xen-upstream
- bsc#984981: Implement SUSE specific unplug protocol for emulated PCI
devices in PVonHVM guests to qemu-xen-upstream
- bsc#954872: Script block-dmmd not working as expected - libxl: error:
libxl_dm.c (Additional fixes)
- bsc#982695: qemu fails to boot HVM guest from xvda
- bsc#958848: HVM guest crash at
/usr/src/packages/BUILD/xen-4.4.2-testing/obj/default/balloon/balloon.c:407
- bsc#949889: Fail to install 32-bit paravirt VM under SLES12SP1Beta3 XEN
- bsc#954872: Script block-dmmd not working as expected - libxl: error:
libxl_dm.c (another modification)
- bsc#961600: Poor performance when Xen HVM domU configured with max
memory greater than current memory
- bsc#963161: Windows VM getting stuck during load while a VF is assigned
to it after upgrading to latest maintenance updates
- bsc#976058: Xen error running simple HVM guest (Post Alpha 2 xen+qemu)
- bsc#973631: AWS EC2 kdump issue
- bsc#957986: Indirect descriptors are not compatible with Amazon block
backend
- bsc#964427: Discarding device blocks: failed - Input/output error
- bsc#985503: Fixed vif-route
- bsc#978413: PV guest upgrade from SLES11 SP4 to SLES 12 SP2 alpha3 failed
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP1:
zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1238=1
- SUSE Linux Enterprise Server 12-SP1:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1238=1
- SUSE Linux Enterprise Desktop 12-SP1:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1238=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP1 (x86_64):
xen-debugsource-4.5.3_08-17.1
xen-devel-4.5.3_08-17.1
- SUSE Linux Enterprise Server 12-SP1 (x86_64):
xen-4.5.3_08-17.1
xen-debugsource-4.5.3_08-17.1
xen-doc-html-4.5.3_08-17.1
xen-kmp-default-4.5.3_08_k3.12.59_60.45-17.1
xen-kmp-default-debuginfo-4.5.3_08_k3.12.59_60.45-17.1
xen-libs-32bit-4.5.3_08-17.1
xen-libs-4.5.3_08-17.1
xen-libs-debuginfo-32bit-4.5.3_08-17.1
xen-libs-debuginfo-4.5.3_08-17.1
xen-tools-4.5.3_08-17.1
xen-tools-debuginfo-4.5.3_08-17.1
xen-tools-domU-4.5.3_08-17.1
xen-tools-domU-debuginfo-4.5.3_08-17.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
xen-4.5.3_08-17.1
xen-debugsource-4.5.3_08-17.1
xen-kmp-default-4.5.3_08_k3.12.59_60.45-17.1
xen-kmp-default-debuginfo-4.5.3_08_k3.12.59_60.45-17.1
xen-libs-32bit-4.5.3_08-17.1
xen-libs-4.5.3_08-17.1
xen-libs-debuginfo-32bit-4.5.3_08-17.1
xen-libs-debuginfo-4.5.3_08-17.1
References:
https://www.suse.com/security/cve/CVE-2014-3672.html
https://www.suse.com/security/cve/CVE-2016-3158.html
https://www.suse.com/security/cve/CVE-2016-3159.html
https://www.suse.com/security/cve/CVE-2016-3710.html
https://www.suse.com/security/cve/CVE-2016-3960.html
https://www.suse.com/security/cve/CVE-2016-4001.html
https://www.suse.com/security/cve/CVE-2016-4002.html
https://www.suse.com/security/cve/CVE-2016-4020.html
https://www.suse.com/security/cve/CVE-2016-4037.html
https://www.suse.com/security/cve/CVE-2016-4439.html
https://www.suse.com/security/cve/CVE-2016-4441.html
https://www.suse.com/security/cve/CVE-2016-4453.html
https://www.suse.com/security/cve/CVE-2016-4454.html
https://www.suse.com/security/cve/CVE-2016-4952.html
https://www.suse.com/security/cve/CVE-2016-4962.html
https://www.suse.com/security/cve/CVE-2016-4963.html
https://www.suse.com/security/cve/CVE-2016-5105.html
https://www.suse.com/security/cve/CVE-2016-5106.html
https://www.suse.com/security/cve/CVE-2016-5107.html
https://www.suse.com/security/cve/CVE-2016-5126.html
https://www.suse.com/security/cve/CVE-2016-5238.html
https://www.suse.com/security/cve/CVE-2016-5337.html
https://www.suse.com/security/cve/CVE-2016-5338.html
https://www.suse.com/security/cve/CVE-2016-5403.html
https://www.suse.com/security/cve/CVE-2016-6258.html
https://www.suse.com/security/cve/CVE-2016-6259.html
https://www.suse.com/security/cve/CVE-2016-6351.html
https://bugzilla.suse.com/900418
https://bugzilla.suse.com/949889
https://bugzilla.suse.com/953339
https://bugzilla.suse.com/953362
https://bugzilla.suse.com/953518
https://bugzilla.suse.com/954872
https://bugzilla.suse.com/957986
https://bugzilla.suse.com/958848
https://bugzilla.suse.com/961600
https://bugzilla.suse.com/963161
https://bugzilla.suse.com/964427
https://bugzilla.suse.com/973188
https://bugzilla.suse.com/973631
https://bugzilla.suse.com/974038
https://bugzilla.suse.com/975130
https://bugzilla.suse.com/975138
https://bugzilla.suse.com/975907
https://bugzilla.suse.com/976058
https://bugzilla.suse.com/976111
https://bugzilla.suse.com/978164
https://bugzilla.suse.com/978295
https://bugzilla.suse.com/978413
https://bugzilla.suse.com/979620
https://bugzilla.suse.com/979670
https://bugzilla.suse.com/980716
https://bugzilla.suse.com/980724
https://bugzilla.suse.com/981264
https://bugzilla.suse.com/981276
https://bugzilla.suse.com/982024
https://bugzilla.suse.com/982025
https://bugzilla.suse.com/982026
https://bugzilla.suse.com/982224
https://bugzilla.suse.com/982225
https://bugzilla.suse.com/982286
https://bugzilla.suse.com/982695
https://bugzilla.suse.com/982960
https://bugzilla.suse.com/983973
https://bugzilla.suse.com/983984
https://bugzilla.suse.com/984981
https://bugzilla.suse.com/985503
https://bugzilla.suse.com/986586
https://bugzilla.suse.com/988675
https://bugzilla.suse.com/988676
https://bugzilla.suse.com/990843
https://bugzilla.suse.com/990923
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2089-1: important: Security update for squid3
by opensuse-security@opensuse.org 16 Aug '16
by opensuse-security@opensuse.org 16 Aug '16
16 Aug '16
SUSE Security Update: Security update for squid3
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2089-1
Rating: important
References: #895773 #902197 #938715 #963539 #967011 #968392
#968393 #968394 #968395 #973782 #973783 #976553
#976556 #976708 #979008 #979009 #979010 #979011
#993299
Cross-References: CVE-2011-3205 CVE-2011-4096 CVE-2012-5643
CVE-2013-0188 CVE-2013-4115 CVE-2014-0128
CVE-2014-6270 CVE-2014-7141 CVE-2014-7142
CVE-2015-5400 CVE-2016-2390 CVE-2016-2569
CVE-2016-2570 CVE-2016-2571 CVE-2016-2572
CVE-2016-3947 CVE-2016-3948 CVE-2016-4051
CVE-2016-4052 CVE-2016-4053 CVE-2016-4054
CVE-2016-4553 CVE-2016-4554 CVE-2016-4555
CVE-2016-4556
Affected Products:
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that fixes 25 vulnerabilities is now available.
Description:
This update for squid3 fixes the following issues:
- Multiple issues in pinger ICMP processing. (CVE-2014-7141,
CVE-2014-7142)
- CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing.
(bsc#973782)
- CVE-2016-4554: fix header smuggling issue in HTTP Request processing
(bsc#979010)
- Fix multiple Denial of Service issues in HTTP Response processing.
(CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392,
bsc#968393, bsc#968394, bsc#968395)
- Regression caused by the DoS fixes above (bsc#993299)
- CVE-2016-3948: Fix denial of service in HTTP Response processing
(bsc#973783)
- CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)
- CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:
* fixes multiple issues in ESI processing (bsc#976556)
- CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)
- CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)
- CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)
- Memory leak in squid3 when using external_acl (bsc#976708)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-squid3-12701=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-squid3-12701=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
squid3-3.1.23-8.16.30.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64):
squid3-debuginfo-3.1.23-8.16.30.1
References:
https://www.suse.com/security/cve/CVE-2011-3205.html
https://www.suse.com/security/cve/CVE-2011-4096.html
https://www.suse.com/security/cve/CVE-2012-5643.html
https://www.suse.com/security/cve/CVE-2013-0188.html
https://www.suse.com/security/cve/CVE-2013-4115.html
https://www.suse.com/security/cve/CVE-2014-0128.html
https://www.suse.com/security/cve/CVE-2014-6270.html
https://www.suse.com/security/cve/CVE-2014-7141.html
https://www.suse.com/security/cve/CVE-2014-7142.html
https://www.suse.com/security/cve/CVE-2015-5400.html
https://www.suse.com/security/cve/CVE-2016-2390.html
https://www.suse.com/security/cve/CVE-2016-2569.html
https://www.suse.com/security/cve/CVE-2016-2570.html
https://www.suse.com/security/cve/CVE-2016-2571.html
https://www.suse.com/security/cve/CVE-2016-2572.html
https://www.suse.com/security/cve/CVE-2016-3947.html
https://www.suse.com/security/cve/CVE-2016-3948.html
https://www.suse.com/security/cve/CVE-2016-4051.html
https://www.suse.com/security/cve/CVE-2016-4052.html
https://www.suse.com/security/cve/CVE-2016-4053.html
https://www.suse.com/security/cve/CVE-2016-4054.html
https://www.suse.com/security/cve/CVE-2016-4553.html
https://www.suse.com/security/cve/CVE-2016-4554.html
https://www.suse.com/security/cve/CVE-2016-4555.html
https://www.suse.com/security/cve/CVE-2016-4556.html
https://bugzilla.suse.com/895773
https://bugzilla.suse.com/902197
https://bugzilla.suse.com/938715
https://bugzilla.suse.com/963539
https://bugzilla.suse.com/967011
https://bugzilla.suse.com/968392
https://bugzilla.suse.com/968393
https://bugzilla.suse.com/968394
https://bugzilla.suse.com/968395
https://bugzilla.suse.com/973782
https://bugzilla.suse.com/973783
https://bugzilla.suse.com/976553
https://bugzilla.suse.com/976556
https://bugzilla.suse.com/976708
https://bugzilla.suse.com/979008
https://bugzilla.suse.com/979009
https://bugzilla.suse.com/979010
https://bugzilla.suse.com/979011
https://bugzilla.suse.com/993299
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2080-1: important: Security update for php5
by opensuse-security@opensuse.org 16 Aug '16
by opensuse-security@opensuse.org 16 Aug '16
16 Aug '16
SUSE Security Update: Security update for php5
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2080-1
Rating: important
References: #986004 #986244 #986386 #986388 #986393 #991426
#991427 #991428 #991429 #991430 #991433 #991437
Cross-References: CVE-2015-8935 CVE-2016-5399 CVE-2016-5766
CVE-2016-5767 CVE-2016-5769 CVE-2016-5772
CVE-2016-6288 CVE-2016-6289 CVE-2016-6290
CVE-2016-6291 CVE-2016-6296 CVE-2016-6297
Affected Products:
SUSE Linux Enterprise Server 11-SP2-LTSS
SUSE Linux Enterprise Debuginfo 11-SP2
______________________________________________________________________________
An update that fixes 12 vulnerabilities is now available.
Description:
php5 was updated to fix the following security issues:
- CVE-2016-6297: Stack-based buffer overflow vulnerability in
php_stream_zip_opener (bsc#991426).
- CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE
(bsc#991427).
- CVE-2016-6289: Integer overflow leads to buffer overflow in
virtual_file_ex (bsc#991428).
- CVE-2016-6290: Use after free in unserialize() with Unexpected Session
Deserialization (bsc#991429).
- CVE-2016-5399: Improper error handling in bzread() (bsc#991430).
- CVE-2016-6288: Buffer over-read in php_url_parse_ex (bsc#991433).
- CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn
in simplestring.c (bsc#991437).
- CVE-2016-5769: Mcrypt: Heap Overflow due to integer overflows
(bsc#986388).
- CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).
- CVE-2016-5772: Double free corruption in wddx_deserialize (bsc#986244).
- CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap
overflow (bsc#986386).
- CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting
in heap overflow (bsc#986393).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP2-LTSS:
zypper in -t patch slessp2-php5-12696=1
- SUSE Linux Enterprise Debuginfo 11-SP2:
zypper in -t patch dbgsp2-php5-12696=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64):
apache2-mod_php5-5.2.14-0.7.30.89.1
php5-5.2.14-0.7.30.89.1
php5-bcmath-5.2.14-0.7.30.89.1
php5-bz2-5.2.14-0.7.30.89.1
php5-calendar-5.2.14-0.7.30.89.1
php5-ctype-5.2.14-0.7.30.89.1
php5-curl-5.2.14-0.7.30.89.1
php5-dba-5.2.14-0.7.30.89.1
php5-dbase-5.2.14-0.7.30.89.1
php5-dom-5.2.14-0.7.30.89.1
php5-exif-5.2.14-0.7.30.89.1
php5-fastcgi-5.2.14-0.7.30.89.1
php5-ftp-5.2.14-0.7.30.89.1
php5-gd-5.2.14-0.7.30.89.1
php5-gettext-5.2.14-0.7.30.89.1
php5-gmp-5.2.14-0.7.30.89.1
php5-hash-5.2.14-0.7.30.89.1
php5-iconv-5.2.14-0.7.30.89.1
php5-json-5.2.14-0.7.30.89.1
php5-ldap-5.2.14-0.7.30.89.1
php5-mbstring-5.2.14-0.7.30.89.1
php5-mcrypt-5.2.14-0.7.30.89.1
php5-mysql-5.2.14-0.7.30.89.1
php5-odbc-5.2.14-0.7.30.89.1
php5-openssl-5.2.14-0.7.30.89.1
php5-pcntl-5.2.14-0.7.30.89.1
php5-pdo-5.2.14-0.7.30.89.1
php5-pear-5.2.14-0.7.30.89.1
php5-pgsql-5.2.14-0.7.30.89.1
php5-pspell-5.2.14-0.7.30.89.1
php5-shmop-5.2.14-0.7.30.89.1
php5-snmp-5.2.14-0.7.30.89.1
php5-soap-5.2.14-0.7.30.89.1
php5-suhosin-5.2.14-0.7.30.89.1
php5-sysvmsg-5.2.14-0.7.30.89.1
php5-sysvsem-5.2.14-0.7.30.89.1
php5-sysvshm-5.2.14-0.7.30.89.1
php5-tokenizer-5.2.14-0.7.30.89.1
php5-wddx-5.2.14-0.7.30.89.1
php5-xmlreader-5.2.14-0.7.30.89.1
php5-xmlrpc-5.2.14-0.7.30.89.1
php5-xmlwriter-5.2.14-0.7.30.89.1
php5-xsl-5.2.14-0.7.30.89.1
php5-zip-5.2.14-0.7.30.89.1
php5-zlib-5.2.14-0.7.30.89.1
- SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64):
php5-debuginfo-5.2.14-0.7.30.89.1
php5-debugsource-5.2.14-0.7.30.89.1
References:
https://www.suse.com/security/cve/CVE-2015-8935.html
https://www.suse.com/security/cve/CVE-2016-5399.html
https://www.suse.com/security/cve/CVE-2016-5766.html
https://www.suse.com/security/cve/CVE-2016-5767.html
https://www.suse.com/security/cve/CVE-2016-5769.html
https://www.suse.com/security/cve/CVE-2016-5772.html
https://www.suse.com/security/cve/CVE-2016-6288.html
https://www.suse.com/security/cve/CVE-2016-6289.html
https://www.suse.com/security/cve/CVE-2016-6290.html
https://www.suse.com/security/cve/CVE-2016-6291.html
https://www.suse.com/security/cve/CVE-2016-6296.html
https://www.suse.com/security/cve/CVE-2016-6297.html
https://bugzilla.suse.com/986004
https://bugzilla.suse.com/986244
https://bugzilla.suse.com/986386
https://bugzilla.suse.com/986388
https://bugzilla.suse.com/986393
https://bugzilla.suse.com/991426
https://bugzilla.suse.com/991427
https://bugzilla.suse.com/991428
https://bugzilla.suse.com/991429
https://bugzilla.suse.com/991430
https://bugzilla.suse.com/991433
https://bugzilla.suse.com/991437
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2074-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 15 Aug '16
by opensuse-security@opensuse.org 15 Aug '16
15 Aug '16
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2074-1
Rating: important
References: #816446 #861093 #928130 #935757 #939826 #942367
#945825 #946117 #946309 #948562 #949744 #949936
#951440 #952384 #953527 #954404 #955354 #955654
#956708 #956709 #958463 #958886 #958951 #959190
#959399 #961500 #961509 #961512 #963765 #963767
#964201 #966437 #966460 #966662 #966693 #967972
#967973 #967974 #967975 #968010 #968011 #968012
#968013 #968670 #970504 #970892 #970909 #970911
#970948 #970956 #970958 #970970 #971124 #971125
#971126 #971360 #972510 #973570 #975945 #977847
#978822
Cross-References: CVE-2013-2015 CVE-2013-7446 CVE-2015-0272
CVE-2015-3339 CVE-2015-5307 CVE-2015-6252
CVE-2015-6937 CVE-2015-7509 CVE-2015-7515
CVE-2015-7550 CVE-2015-7566 CVE-2015-7799
CVE-2015-7872 CVE-2015-7990 CVE-2015-8104
CVE-2015-8215 CVE-2015-8539 CVE-2015-8543
CVE-2015-8569 CVE-2015-8575 CVE-2015-8767
CVE-2015-8785 CVE-2015-8812 CVE-2015-8816
CVE-2016-0723 CVE-2016-2069 CVE-2016-2143
CVE-2016-2184 CVE-2016-2185 CVE-2016-2186
CVE-2016-2188 CVE-2016-2384 CVE-2016-2543
CVE-2016-2544 CVE-2016-2545 CVE-2016-2546
CVE-2016-2547 CVE-2016-2548 CVE-2016-2549
CVE-2016-2782 CVE-2016-2847 CVE-2016-3134
CVE-2016-3137 CVE-2016-3138 CVE-2016-3139
CVE-2016-3140 CVE-2016-3156 CVE-2016-4486
Affected Products:
SUSE Linux Enterprise Server 11-SP2-LTSS
SUSE Linux Enterprise Debuginfo 11-SP2
______________________________________________________________________________
An update that solves 48 vulnerabilities and has 13 fixes
is now available.
Description:
The SUSE Linux Enterprise 11 SP2 kernel was updated to receive various
security and bug fixes.
The following security bugs were fixed:
- CVE-2016-4486: Fixed 4 byte information leak in net/core/rtnetlink.c
(bsc#978822).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not
validate certain offset fields, which allowed local users to gain
privileges or cause a denial of service (heap memory corruption) via an
IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of
unread data in pipes, which allowed local users to cause a denial of
service (memory consumption) by creating many pipes with non-default
sizes (bnc#970948).
- CVE-2016-2188: The iowarrior_probe function in
drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970956).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) via a USB
device without both a control and a data endpoint descriptor
(bnc#970911).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference and system crash) via a USB device without
both an interrupt-in and an interrupt-out endpoint descriptor, related
to the cypress_generic_port_probe and cypress_open functions
(bnc#970970).
- CVE-2016-3140: The digi_port_init function in
drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed
physically proximate attackers to cause a denial of service (NULL
pointer dereference and system crash) via a crafted endpoints value in a
USB device descriptor (bnc#970892).
- CVE-2016-2186: The powermate_probe function in
drivers/input/misc/powermate.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970958).
- CVE-2016-2185: The ati_remote2_probe function in
drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#971124).
- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles
destruction of device objects, which allowed guest OS users to cause a
denial of service (host OS networking outage) by arranging for a large
number of IP addresses (bnc#971360).
- CVE-2016-2184: The create_fixed_stream_quirk function in
sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference or double free, and system crash) via a
crafted endpoints value in a USB device descriptor (bnc#971125).
- CVE-2016-3139: The wacom_probe function in
drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970909).
- CVE-2016-2143: The fork implementation in the Linux kernel on s390
platforms mishandled the case of four page-table levels, which allowed
local users to cause a denial of service (system crash) or possibly have
unspecified other impact via a crafted application, related to
arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h
(bnc#970504).
- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by inserting a USB device that
lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in
the Linux kernel did not properly maintain a hub-interface data
structure, which allowed physically proximate attackers to cause a
denial of service (invalid memory access and system crash) or possibly
have unspecified other impact by unplugging a USB hub device
(bnc#968010).
- CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c
in the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by inserting a USB device that
lacks a bulk-out endpoint (bnc#961512).
- CVE-2016-2549: sound/core/hrtimer.c in the Linux kernel did not prevent
recursive callback access, which allowed local users to cause a denial
of service (deadlock) via a crafted ioctl call (bnc#968013).
- CVE-2016-2547: sound/core/timer.c in the Linux kernel employed a locking
approach that did not consider slave timer instances, which allowed
local users to cause a denial of service (race condition,
use-after-free, and system crash) via a crafted ioctl call (bnc#968011).
- CVE-2016-2548: sound/core/timer.c in the Linux kernel retained certain
linked lists after a close or stop action, which allowed local users to
cause a denial of service (system crash) via a crafted ioctl call,
related to the (1) snd_timer_close and (2) _snd_timer_stop functions
(bnc#968012).
- CVE-2016-2546: sound/core/timer.c in the Linux kernel used an incorrect
type of mutex, which allowed local users to cause a denial of service
(race condition, use-after-free, and system crash) via a crafted ioctl
call (bnc#967975).
- CVE-2016-2545: The snd_timer_interrupt function in sound/core/timer.c in
the Linux kernel did not properly maintain a certain linked list, which
allowed local users to cause a denial of service (race condition and
system crash) via a crafted ioctl call (bnc#967974).
- CVE-2016-2544: Race condition in the queue_delete function in
sound/core/seq/seq_queue.c in the Linux kernel allowed local users to
cause a denial of service (use-after-free and system crash) by making an
ioctl call at a certain time (bnc#967973).
- CVE-2016-2543: The snd_seq_ioctl_remove_events function in
sound/core/seq/seq_clientmgr.c in the Linux kernel did not verify FIFO
assignment before proceeding with FIFO clearing, which allowed local
users to cause a denial of service (NULL pointer dereference and OOPS)
via a crafted ioctl call (bnc#967972).
- CVE-2016-2384: Double free vulnerability in the snd_usbmidi_create
function in sound/usb/midi.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (panic) or possibly
have unspecified other impact via vectors involving an invalid USB
descriptor (bnc#966693).
- CVE-2015-8812: drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel
did not properly identify error conditions, which allowed remote
attackers to execute arbitrary code or cause a denial of service
(use-after-free) via crafted packets (bnc#966437).
- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in
the Linux kernel allowed local users to cause a denial of service
(infinite loop) via a writev system call that triggers a zero length for
the first segment of an iov (bnc#963765).
- CVE-2016-2069: Race condition in arch/x86/mm/tlb.c in the Linux kernel
.4.1 allowed local users to gain privileges by triggering access to a
paging structure by a different CPU (bnc#963767).
- CVE-2016-0723: Race condition in the tty_ioctl function in
drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain
sensitive information from kernel memory or cause a denial of service
(use-after-free and system crash) by making a TIOCGETD ioctl call during
processing of a TIOCSETD ioctl call (bnc#961500).
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the
Linux kernel allowed local users to bypass intended AF_UNIX socket
permissions or cause a denial of service (panic) via crafted epoll_ctl
calls (bnc#955654).
- CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not
properly manage the relationship between a lock and a socket, which
allowed local users to cause a denial of service (deadlock) via a
crafted sctp_accept call (bnc#961509).
- CVE-2015-7515: The aiptek_probe function in
drivers/input/tablet/aiptek.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted USB device that lacks
endpoints (bnc#956708).
- CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel
did not validate attempted changes to the MTU value, which allowed
context-dependent attackers to cause a denial of service (packet loss)
via a value that is (1) smaller than the minimum compliant value or (2)
larger than the MTU of an interface, as demonstrated by a Router
Advertisement (RA) message that is not validated by a daemon, a
different vulnerability than CVE-2015-0272 (bnc#955354).
- CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c in
the Linux kernel did not properly use a semaphore, which allowed local
users to cause a denial of service (NULL pointer dereference and system
crash) or possibly have unspecified other impact via a crafted
application that leverages a race condition between keyctl_revoke and
keyctl_read calls (bnc#958951).
- CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in
drivers/net/ppp/pptp.c in the Linux kernel did not verify an address
length, which allowed local users to obtain sensitive information from
kernel memory and bypass the KASLR protection mechanism via a crafted
application (bnc#959190).
- CVE-2015-8575: The sco_sock_bind function in net/bluetooth/sco.c in the
Linux kernel did not verify an address length, which allowed local users
to obtain sensitive information from kernel memory and bypass the KASLR
protection mechanism via a crafted application (bnc#959399).
- CVE-2015-8543: The networking implementation in the Linux kernel did not
validate protocol identifiers for certain protocol families, which
allowed local users to cause a denial of service (NULL function pointer
dereference and system crash) or possibly gain privileges by leveraging
CLONE_NEWUSER support to execute a crafted SOCK_RAW application
(bnc#958886).
- CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed local
users to gain privileges or cause a denial of service (BUG) via crafted
keyctl commands that negatively instantiate a key, related to
security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and
security/keys/user_defined.c (bnc#958463).
- CVE-2015-7509: fs/ext4/namei.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (system crash) via a
crafted no-journal filesystem, a related issue to CVE-2013-2015
(bnc#956709).
- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the
Linux kernel did not ensure that certain slot numbers are valid, which
allowed local users to cause a denial of service (NULL pointer
dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call
(bnc#949936).
- CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS
users to cause a denial of service (host OS panic or hang) by triggering
many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).
- CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS
users to cause a denial of service (host OS panic or hang) by triggering
many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c
(bnc#953527).
- CVE-2015-7990: Race condition in the rds_sendmsg function in
net/rds/sendmsg.c in the Linux kernel allowed local users to cause a
denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by using a socket that was not
properly bound (bnc#952384).
- CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in
the Linux kernel allowed local users to cause a denial of service (OOPS)
via crafted keyctl commands (bnc#951440).
- CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in
the Linux kernel allowed local users to cause a denial of service (NULL
pointer dereference and system crash) or possibly have unspecified other
impact by using a socket that was not properly bound (bnc#945825).
- CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in
the Linux kernel allowed local users to cause a denial of service
(memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers
permanent file-descriptor allocation (bnc#942367).
- CVE-2015-3339: Race condition in the prepare_binprm function in
fs/exec.c in the Linux kernel allowed local users to gain privileges by
executing a setuid program at a time instant when a chown to root is in
progress, and the ownership is changed but the setuid bit is not yet
stripped (bnc#928130).
The following non-security bugs were fixed:
- Fix handling of re-write-before-commit for mmapped NFS pages
(bsc#964201).
- Fix lpfc_send_rscn_event allocation size claims bnc#935757
- Fix ntpd clock synchronization in Xen PV domains (bnc#816446).
- Fix vmalloc_fault oops during lazy MMU updates (bsc#948562).
- Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).
- SCSI: bfa: Fix to handle firmware tskim abort request response
(bsc#972510).
- USB: usbip: fix potential out-of-bounds write (bnc#975945).
- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).
- dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).
- mm/hugetlb: check for pte NULL pointer in __page_check_address()
(bsc#977847).
- nf_conntrack: fix bsc#758540 kabi fix (bsc#946117).
- privcmd: allow preempting long running user-mode originating hypercalls
(bnc#861093).
- s390/cio: collect format 1 channel-path description data (bsc#966460,
bsc#966662).
- s390/cio: ensure consistent measurement state (bsc#966460, bsc#966662).
- s390/cio: fix measurement characteristics memleak (bsc#966460,
bsc#966662).
- s390/cio: update measurement characteristics (bsc#966460, bsc#966662).
- xfs: Fix lost direct IO write in the last block (bsc#949744).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP2-LTSS:
zypper in -t patch slessp2-kernel-source-12693=1
- SUSE Linux Enterprise Debuginfo 11-SP2:
zypper in -t patch dbgsp2-kernel-source-12693=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64):
kernel-default-3.0.101-0.7.40.1
kernel-default-base-3.0.101-0.7.40.1
kernel-default-devel-3.0.101-0.7.40.1
kernel-source-3.0.101-0.7.40.1
kernel-syms-3.0.101-0.7.40.1
kernel-trace-3.0.101-0.7.40.1
kernel-trace-base-3.0.101-0.7.40.1
kernel-trace-devel-3.0.101-0.7.40.1
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 x86_64):
kernel-ec2-3.0.101-0.7.40.1
kernel-ec2-base-3.0.101-0.7.40.1
kernel-ec2-devel-3.0.101-0.7.40.1
kernel-xen-3.0.101-0.7.40.1
kernel-xen-base-3.0.101-0.7.40.1
kernel-xen-devel-3.0.101-0.7.40.1
- SUSE Linux Enterprise Server 11-SP2-LTSS (s390x):
kernel-default-man-3.0.101-0.7.40.1
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586):
kernel-pae-3.0.101-0.7.40.1
kernel-pae-base-3.0.101-0.7.40.1
kernel-pae-devel-3.0.101-0.7.40.1
- SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64):
kernel-default-debuginfo-3.0.101-0.7.40.1
kernel-default-debugsource-3.0.101-0.7.40.1
kernel-default-devel-debuginfo-3.0.101-0.7.40.1
kernel-trace-debuginfo-3.0.101-0.7.40.1
kernel-trace-debugsource-3.0.101-0.7.40.1
kernel-trace-devel-debuginfo-3.0.101-0.7.40.1
- SUSE Linux Enterprise Debuginfo 11-SP2 (i586 x86_64):
kernel-ec2-debuginfo-3.0.101-0.7.40.1
kernel-ec2-debugsource-3.0.101-0.7.40.1
kernel-xen-debuginfo-3.0.101-0.7.40.1
kernel-xen-debugsource-3.0.101-0.7.40.1
kernel-xen-devel-debuginfo-3.0.101-0.7.40.1
- SUSE Linux Enterprise Debuginfo 11-SP2 (i586):
kernel-pae-debuginfo-3.0.101-0.7.40.1
kernel-pae-debugsource-3.0.101-0.7.40.1
kernel-pae-devel-debuginfo-3.0.101-0.7.40.1
References:
https://www.suse.com/security/cve/CVE-2013-2015.html
https://www.suse.com/security/cve/CVE-2013-7446.html
https://www.suse.com/security/cve/CVE-2015-0272.html
https://www.suse.com/security/cve/CVE-2015-3339.html
https://www.suse.com/security/cve/CVE-2015-5307.html
https://www.suse.com/security/cve/CVE-2015-6252.html
https://www.suse.com/security/cve/CVE-2015-6937.html
https://www.suse.com/security/cve/CVE-2015-7509.html
https://www.suse.com/security/cve/CVE-2015-7515.html
https://www.suse.com/security/cve/CVE-2015-7550.html
https://www.suse.com/security/cve/CVE-2015-7566.html
https://www.suse.com/security/cve/CVE-2015-7799.html
https://www.suse.com/security/cve/CVE-2015-7872.html
https://www.suse.com/security/cve/CVE-2015-7990.html
https://www.suse.com/security/cve/CVE-2015-8104.html
https://www.suse.com/security/cve/CVE-2015-8215.html
https://www.suse.com/security/cve/CVE-2015-8539.html
https://www.suse.com/security/cve/CVE-2015-8543.html
https://www.suse.com/security/cve/CVE-2015-8569.html
https://www.suse.com/security/cve/CVE-2015-8575.html
https://www.suse.com/security/cve/CVE-2015-8767.html
https://www.suse.com/security/cve/CVE-2015-8785.html
https://www.suse.com/security/cve/CVE-2015-8812.html
https://www.suse.com/security/cve/CVE-2015-8816.html
https://www.suse.com/security/cve/CVE-2016-0723.html
https://www.suse.com/security/cve/CVE-2016-2069.html
https://www.suse.com/security/cve/CVE-2016-2143.html
https://www.suse.com/security/cve/CVE-2016-2184.html
https://www.suse.com/security/cve/CVE-2016-2185.html
https://www.suse.com/security/cve/CVE-2016-2186.html
https://www.suse.com/security/cve/CVE-2016-2188.html
https://www.suse.com/security/cve/CVE-2016-2384.html
https://www.suse.com/security/cve/CVE-2016-2543.html
https://www.suse.com/security/cve/CVE-2016-2544.html
https://www.suse.com/security/cve/CVE-2016-2545.html
https://www.suse.com/security/cve/CVE-2016-2546.html
https://www.suse.com/security/cve/CVE-2016-2547.html
https://www.suse.com/security/cve/CVE-2016-2548.html
https://www.suse.com/security/cve/CVE-2016-2549.html
https://www.suse.com/security/cve/CVE-2016-2782.html
https://www.suse.com/security/cve/CVE-2016-2847.html
https://www.suse.com/security/cve/CVE-2016-3134.html
https://www.suse.com/security/cve/CVE-2016-3137.html
https://www.suse.com/security/cve/CVE-2016-3138.html
https://www.suse.com/security/cve/CVE-2016-3139.html
https://www.suse.com/security/cve/CVE-2016-3140.html
https://www.suse.com/security/cve/CVE-2016-3156.html
https://www.suse.com/security/cve/CVE-2016-4486.html
https://bugzilla.suse.com/816446
https://bugzilla.suse.com/861093
https://bugzilla.suse.com/928130
https://bugzilla.suse.com/935757
https://bugzilla.suse.com/939826
https://bugzilla.suse.com/942367
https://bugzilla.suse.com/945825
https://bugzilla.suse.com/946117
https://bugzilla.suse.com/946309
https://bugzilla.suse.com/948562
https://bugzilla.suse.com/949744
https://bugzilla.suse.com/949936
https://bugzilla.suse.com/951440
https://bugzilla.suse.com/952384
https://bugzilla.suse.com/953527
https://bugzilla.suse.com/954404
https://bugzilla.suse.com/955354
https://bugzilla.suse.com/955654
https://bugzilla.suse.com/956708
https://bugzilla.suse.com/956709
https://bugzilla.suse.com/958463
https://bugzilla.suse.com/958886
https://bugzilla.suse.com/958951
https://bugzilla.suse.com/959190
https://bugzilla.suse.com/959399
https://bugzilla.suse.com/961500
https://bugzilla.suse.com/961509
https://bugzilla.suse.com/961512
https://bugzilla.suse.com/963765
https://bugzilla.suse.com/963767
https://bugzilla.suse.com/964201
https://bugzilla.suse.com/966437
https://bugzilla.suse.com/966460
https://bugzilla.suse.com/966662
https://bugzilla.suse.com/966693
https://bugzilla.suse.com/967972
https://bugzilla.suse.com/967973
https://bugzilla.suse.com/967974
https://bugzilla.suse.com/967975
https://bugzilla.suse.com/968010
https://bugzilla.suse.com/968011
https://bugzilla.suse.com/968012
https://bugzilla.suse.com/968013
https://bugzilla.suse.com/968670
https://bugzilla.suse.com/970504
https://bugzilla.suse.com/970892
https://bugzilla.suse.com/970909
https://bugzilla.suse.com/970911
https://bugzilla.suse.com/970948
https://bugzilla.suse.com/970956
https://bugzilla.suse.com/970958
https://bugzilla.suse.com/970970
https://bugzilla.suse.com/971124
https://bugzilla.suse.com/971125
https://bugzilla.suse.com/971126
https://bugzilla.suse.com/971360
https://bugzilla.suse.com/972510
https://bugzilla.suse.com/973570
https://bugzilla.suse.com/975945
https://bugzilla.suse.com/977847
https://bugzilla.suse.com/978822
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2016:2073-1: important: Security update for GraphicsMagick
by opensuse-security@opensuse.org 15 Aug '16
by opensuse-security@opensuse.org 15 Aug '16
15 Aug '16
openSUSE Security Update: Security update for GraphicsMagick
______________________________________________________________________________
Announcement ID: openSUSE-SU-2016:2073-1
Rating: important
References: #965853 #983309 #983455 #983521 #983523 #983533
#983752 #983794 #983799 #984142 #984145 #984150
#984166 #984372 #984375 #984379 #984394 #984400
#984408 #984436 #985442
Cross-References: CVE-2014-9805 CVE-2014-9807 CVE-2014-9809
CVE-2014-9815 CVE-2014-9817 CVE-2014-9819
CVE-2014-9820 CVE-2014-9831 CVE-2014-9834
CVE-2014-9835 CVE-2014-9837 CVE-2014-9839
CVE-2014-9845 CVE-2014-9846 CVE-2014-9853
CVE-2015-8894 CVE-2015-8896 CVE-2016-2317
CVE-2016-2318 CVE-2016-5240 CVE-2016-5241
CVE-2016-5688
Affected Products:
openSUSE Leap 42.1
______________________________________________________________________________
An update that fixes 22 vulnerabilities is now available.
Description:
This update for GraphicsMagick fixes the following issues:
- CVE-2014-9805: SEGV due to a corrupted pnm file (boo#983752)
- CVE-2016-5240: SVG converting issue resulting in DoS (endless loop)
(boo#983309)
- CVE-2016-5241: Arithmetic exception (div by 0) in SVG conversion
(boo#983455)
- CVE-2014-9846: Overflow in rle file (boo#983521)
- CVE-2015-8894: Double free in TGA code (boo#983523)
- CVE-2015-8896: Double free / integer truncation issue (boo#983533)
- CVE-2014-9807: Double free in pdb coder (boo#983794)
- CVE-2014-9809: SEGV due to corrupted xwd images (boo#983799)
- CVE-2014-9819: Heap overflow in palm files (boo#984142)
- CVE-2014-9835: Heap overflow in wpf file (boo#984145)
- CVE-2014-9831: Issues handling of corrupted wpg file (boo#984375)
- CVE-2014-9820: heap overflow in xpm files (boo#984150)
- CVE-2014-9837: Additional PNM sanity checks (boo#984166)
- CVE-2014-9815: Crash on corrupted wpg file (boo#984372)
- CVE-2014-9839: Theoretical out of bound access in via color maps
(boo#984379)
- CVE-2014-9845: Crash due to corrupted dib file (boo#984394)
- CVE-2014-9817: Heap buffer overflow in pdb file handling (boo#984400)
- CVE-2014-9853: Memory leak in rle file handling (boo#984408)
- CVE-2014-9834: Heap overflow in pict file (boo#984436)
- CVE-2016-5688: Various invalid memory reads in ImageMagick WPG
(boo#985442)
- CVE-2016-2317: Multiple vulnerabilities when parsing and processing SVG
files (boo#965853)
- CVE-2016-2318: Multiple vulnerabilities when parsing and processing SVG
files (boo#965853)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2016-984=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.1 (i586 x86_64):
GraphicsMagick-1.3.21-11.1
GraphicsMagick-debuginfo-1.3.21-11.1
GraphicsMagick-debugsource-1.3.21-11.1
GraphicsMagick-devel-1.3.21-11.1
libGraphicsMagick++-Q16-11-1.3.21-11.1
libGraphicsMagick++-Q16-11-debuginfo-1.3.21-11.1
libGraphicsMagick++-devel-1.3.21-11.1
libGraphicsMagick-Q16-3-1.3.21-11.1
libGraphicsMagick-Q16-3-debuginfo-1.3.21-11.1
libGraphicsMagick3-config-1.3.21-11.1
libGraphicsMagickWand-Q16-2-1.3.21-11.1
libGraphicsMagickWand-Q16-2-debuginfo-1.3.21-11.1
perl-GraphicsMagick-1.3.21-11.1
perl-GraphicsMagick-debuginfo-1.3.21-11.1
References:
https://www.suse.com/security/cve/CVE-2014-9805.html
https://www.suse.com/security/cve/CVE-2014-9807.html
https://www.suse.com/security/cve/CVE-2014-9809.html
https://www.suse.com/security/cve/CVE-2014-9815.html
https://www.suse.com/security/cve/CVE-2014-9817.html
https://www.suse.com/security/cve/CVE-2014-9819.html
https://www.suse.com/security/cve/CVE-2014-9820.html
https://www.suse.com/security/cve/CVE-2014-9831.html
https://www.suse.com/security/cve/CVE-2014-9834.html
https://www.suse.com/security/cve/CVE-2014-9835.html
https://www.suse.com/security/cve/CVE-2014-9837.html
https://www.suse.com/security/cve/CVE-2014-9839.html
https://www.suse.com/security/cve/CVE-2014-9845.html
https://www.suse.com/security/cve/CVE-2014-9846.html
https://www.suse.com/security/cve/CVE-2014-9853.html
https://www.suse.com/security/cve/CVE-2015-8894.html
https://www.suse.com/security/cve/CVE-2015-8896.html
https://www.suse.com/security/cve/CVE-2016-2317.html
https://www.suse.com/security/cve/CVE-2016-2318.html
https://www.suse.com/security/cve/CVE-2016-5240.html
https://www.suse.com/security/cve/CVE-2016-5241.html
https://www.suse.com/security/cve/CVE-2016-5688.html
https://bugzilla.suse.com/965853
https://bugzilla.suse.com/983309
https://bugzilla.suse.com/983455
https://bugzilla.suse.com/983521
https://bugzilla.suse.com/983523
https://bugzilla.suse.com/983533
https://bugzilla.suse.com/983752
https://bugzilla.suse.com/983794
https://bugzilla.suse.com/983799
https://bugzilla.suse.com/984142
https://bugzilla.suse.com/984145
https://bugzilla.suse.com/984150
https://bugzilla.suse.com/984166
https://bugzilla.suse.com/984372
https://bugzilla.suse.com/984375
https://bugzilla.suse.com/984379
https://bugzilla.suse.com/984394
https://bugzilla.suse.com/984400
https://bugzilla.suse.com/984408
https://bugzilla.suse.com/984436
https://bugzilla.suse.com/985442
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:2061-1: important: Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nspr and mozilla-nss
by opensuse-security@opensuse.org 12 Aug '16
by opensuse-security@opensuse.org 12 Aug '16
12 Aug '16
SUSE Security Update: Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nspr and mozilla-nss
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:2061-1
Rating: important
References: #983549 #983638 #983639 #983643 #983646 #983651
#983652 #983653 #983655 #984006 #985659 #989196
#990628 #990856 #991809
Cross-References: CVE-2016-2815 CVE-2016-2818 CVE-2016-2819
CVE-2016-2821 CVE-2016-2822 CVE-2016-2824
CVE-2016-2828 CVE-2016-2830 CVE-2016-2831
CVE-2016-2834 CVE-2016-2835 CVE-2016-2836
CVE-2016-2837 CVE-2016-2838 CVE-2016-2839
CVE-2016-5252 CVE-2016-5254 CVE-2016-5258
CVE-2016-5259 CVE-2016-5262 CVE-2016-5263
CVE-2016-5264 CVE-2016-5265 CVE-2016-6354
Affected Products:
SUSE Linux Enterprise Server 11-SP2-LTSS
SUSE Linux Enterprise Debuginfo 11-SP2
______________________________________________________________________________
An update that fixes 24 vulnerabilities is now available.
Description:
MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr and mozilla-nss
were updated to fix nine security issues.
MozillaFirefox was updated to version 45.3.0 ESR. mozilla-nss was updated
to version 3.21.1, mozilla-nspr to version 4.12.
These security issues were fixed in 45.3.0ESR:
- CVE-2016-2835/CVE-2016-2836: Miscellaneous memory safety hazards
(rv:48.0 / rv:45.3) (MFSA 2016-62)
- CVE-2016-2830: Favicon network connection can persist when page is
closed (MFSA 2016-63)
- CVE-2016-2838: Buffer overflow rendering SVG with bidirectional content
(MFSA 2016-64)
- CVE-2016-2839: Cairo rendering crash due to memory allocation issue with
FFmpeg 0.10 (MFSA 2016-65)
- CVE-2016-5252: Stack underflow during 2D graphics rendering (MFSA
2016-67)
- CVE-2016-5254: Use-after-free when using alt key and toplevel menus
(MFSA 2016-70)
- CVE-2016-5258: Use-after-free in DTLS during WebRTC session shutdown
(MFSA 2016-72)
- CVE-2016-5259: Use-after-free in service workers with nested sync events
(MFSA 2016-73)
- CVE-2016-5262: Scripts on marquee tag can execute in sandboxed iframes
(MFSA 2016-76)
- CVE-2016-2837: Buffer overflow in ClearKey Content Decryption Module
(CDM) during video playback (MFSA 2016-77)
- CVE-2016-5263: Type confusion in display transformation (MFSA 2016-78)
- CVE-2016-5264: Use-after-free when applying SVG effects (MFSA 2016-79)
- CVE-2016-5265: Same-origin policy violation using local HTML file and
saved shortcut file (MFSA 2016-80)
- CVE-2016-6354: Fix for possible buffer overrun (bsc#990856)
Security issues fixed in 45.2.0.ESR:
- CVE-2016-2834: Memory safety bugs in NSS (MFSA 2016-61) (bsc#983639).
- CVE-2016-2824: Out-of-bounds write with WebGL shader (MFSA 2016-53)
(bsc#983651).
- CVE-2016-2822: Addressbar spoofing though the SELECT element (MFSA
2016-52) (bsc#983652).
- CVE-2016-2821: Use-after-free deleting tables from a contenteditable
document (MFSA 2016-51) (bsc#983653).
- CVE-2016-2819: Buffer overflow parsing HTML5 fragments (MFSA 2016-50)
(bsc#983655).
- CVE-2016-2828: Use-after-free when textures are used in WebGL operations
after recycle pool destruction (MFSA 2016-56) (bsc#983646).
- CVE-2016-2831: Entering fullscreen and persistent pointerlock without
user permission (MFSA 2016-58) (bsc#983643).
- CVE-2016-2815, CVE-2016-2818: Miscellaneous memory safety hazards (MFSA
2016-49) (bsc#983638)
These non-security issues were fixed:
- Fix crashes on aarch64
* Determine page size at runtime (bsc#984006)
* Allow aarch64 to work in safe mode (bsc#985659)
- Fix crashes on mainframes
- Temporarily bind Firefox to the first CPU as a hotfix for an apparent
race condition (bsc#989196, bsc#990628)
All extensions must now be signed by addons.mozilla.org. Please read
README.SUSE for more details.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP2-LTSS:
zypper in -t patch slessp2-MozillaFirefox-12690=1
- SUSE Linux Enterprise Debuginfo 11-SP2:
zypper in -t patch dbgsp2-MozillaFirefox-12690=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64):
MozillaFirefox-45.3.0esr-48.1
MozillaFirefox-branding-SLED-45.0-20.38
MozillaFirefox-translations-45.3.0esr-48.1
firefox-fontconfig-2.11.0-4.2
libfreebl3-3.21.1-26.2
mozilla-nspr-4.12-25.2
mozilla-nspr-devel-4.12-25.2
mozilla-nss-3.21.1-26.2
mozilla-nss-devel-3.21.1-26.2
mozilla-nss-tools-3.21.1-26.2
- SUSE Linux Enterprise Server 11-SP2-LTSS (s390x x86_64):
libfreebl3-32bit-3.21.1-26.2
mozilla-nspr-32bit-4.12-25.2
mozilla-nss-32bit-3.21.1-26.2
- SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64):
MozillaFirefox-debuginfo-45.3.0esr-48.1
MozillaFirefox-debugsource-45.3.0esr-48.1
firefox-fontconfig-debuginfo-2.11.0-4.2
mozilla-nspr-debuginfo-4.12-25.2
mozilla-nspr-debugsource-4.12-25.2
mozilla-nss-debuginfo-3.21.1-26.2
mozilla-nss-debugsource-3.21.1-26.2
- SUSE Linux Enterprise Debuginfo 11-SP2 (s390x x86_64):
firefox-fontconfig-debugsource-2.11.0-4.2
mozilla-nspr-debuginfo-32bit-4.12-25.2
mozilla-nss-debuginfo-32bit-3.21.1-26.2
References:
https://www.suse.com/security/cve/CVE-2016-2815.html
https://www.suse.com/security/cve/CVE-2016-2818.html
https://www.suse.com/security/cve/CVE-2016-2819.html
https://www.suse.com/security/cve/CVE-2016-2821.html
https://www.suse.com/security/cve/CVE-2016-2822.html
https://www.suse.com/security/cve/CVE-2016-2824.html
https://www.suse.com/security/cve/CVE-2016-2828.html
https://www.suse.com/security/cve/CVE-2016-2830.html
https://www.suse.com/security/cve/CVE-2016-2831.html
https://www.suse.com/security/cve/CVE-2016-2834.html
https://www.suse.com/security/cve/CVE-2016-2835.html
https://www.suse.com/security/cve/CVE-2016-2836.html
https://www.suse.com/security/cve/CVE-2016-2837.html
https://www.suse.com/security/cve/CVE-2016-2838.html
https://www.suse.com/security/cve/CVE-2016-2839.html
https://www.suse.com/security/cve/CVE-2016-5252.html
https://www.suse.com/security/cve/CVE-2016-5254.html
https://www.suse.com/security/cve/CVE-2016-5258.html
https://www.suse.com/security/cve/CVE-2016-5259.html
https://www.suse.com/security/cve/CVE-2016-5262.html
https://www.suse.com/security/cve/CVE-2016-5263.html
https://www.suse.com/security/cve/CVE-2016-5264.html
https://www.suse.com/security/cve/CVE-2016-5265.html
https://www.suse.com/security/cve/CVE-2016-6354.html
https://bugzilla.suse.com/983549
https://bugzilla.suse.com/983638
https://bugzilla.suse.com/983639
https://bugzilla.suse.com/983643
https://bugzilla.suse.com/983646
https://bugzilla.suse.com/983651
https://bugzilla.suse.com/983652
https://bugzilla.suse.com/983653
https://bugzilla.suse.com/983655
https://bugzilla.suse.com/984006
https://bugzilla.suse.com/985659
https://bugzilla.suse.com/989196
https://bugzilla.suse.com/990628
https://bugzilla.suse.com/990856
https://bugzilla.suse.com/991809
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2016:2058-1: important: Security update for OpenJDK7
by opensuse-security@opensuse.org 12 Aug '16
by opensuse-security@opensuse.org 12 Aug '16
12 Aug '16
openSUSE Security Update: Security update for OpenJDK7
______________________________________________________________________________
Announcement ID: openSUSE-SU-2016:2058-1
Rating: important
References: #988651 #989722 #989723 #989725 #989727 #989728
#989729 #989730 #989731 #989732 #989733 #989734
Cross-References: CVE-2016-3458 CVE-2016-3485 CVE-2016-3498
CVE-2016-3500 CVE-2016-3503 CVE-2016-3508
CVE-2016-3511 CVE-2016-3550 CVE-2016-3598
CVE-2016-3606 CVE-2016-3610
Affected Products:
openSUSE 13.1
______________________________________________________________________________
An update that solves 11 vulnerabilities and has one errata
is now available.
Description:
Update to 2.6.7 - OpenJDK 7u111
* Security fixes
- S8079718, CVE-2016-3458: IIOP Input Stream Hooking (bsc#989732)
- S8145446, CVE-2016-3485: Perfect pipe placement (Windows
only) (bsc#989734)
- S8147771: Construction of static protection domains under Javax
custom policy
- S8148872, CVE-2016-3500: Complete name checking (bsc#989730)
- S8149962, CVE-2016-3508: Better delineation of XML processing
(bsc#989731)
- S8150752: Share Class Data
- S8151925: Font reference improvements
- S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)
- S8155981, CVE-2016-3606: Bolster bytecode verification (bsc#989722)
- S8155985, CVE-2016-3598: Persistent Parameter Processing (bsc#989723)
- S8158571, CVE-2016-3610: Additional method handle validation
(bsc#989725)
- CVE-2016-3511 (bsc#989727)
- CVE-2016-3503 (bsc#989728)
- CVE-2016-3498 (bsc#989729)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch 2016-982=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.1 (i586 x86_64):
java-1_7_0-openjdk-1.7.0.111-24.39.1
java-1_7_0-openjdk-accessibility-1.7.0.111-24.39.1
java-1_7_0-openjdk-debuginfo-1.7.0.111-24.39.1
java-1_7_0-openjdk-debugsource-1.7.0.111-24.39.1
java-1_7_0-openjdk-demo-1.7.0.111-24.39.1
java-1_7_0-openjdk-demo-debuginfo-1.7.0.111-24.39.1
java-1_7_0-openjdk-devel-1.7.0.111-24.39.1
java-1_7_0-openjdk-devel-debuginfo-1.7.0.111-24.39.1
java-1_7_0-openjdk-headless-1.7.0.111-24.39.1
java-1_7_0-openjdk-headless-debuginfo-1.7.0.111-24.39.1
java-1_7_0-openjdk-src-1.7.0.111-24.39.1
- openSUSE 13.1 (noarch):
java-1_7_0-openjdk-javadoc-1.7.0.111-24.39.1
References:
https://www.suse.com/security/cve/CVE-2016-3458.html
https://www.suse.com/security/cve/CVE-2016-3485.html
https://www.suse.com/security/cve/CVE-2016-3498.html
https://www.suse.com/security/cve/CVE-2016-3500.html
https://www.suse.com/security/cve/CVE-2016-3503.html
https://www.suse.com/security/cve/CVE-2016-3508.html
https://www.suse.com/security/cve/CVE-2016-3511.html
https://www.suse.com/security/cve/CVE-2016-3550.html
https://www.suse.com/security/cve/CVE-2016-3598.html
https://www.suse.com/security/cve/CVE-2016-3606.html
https://www.suse.com/security/cve/CVE-2016-3610.html
https://bugzilla.suse.com/988651
https://bugzilla.suse.com/989722
https://bugzilla.suse.com/989723
https://bugzilla.suse.com/989725
https://bugzilla.suse.com/989727
https://bugzilla.suse.com/989728
https://bugzilla.suse.com/989729
https://bugzilla.suse.com/989730
https://bugzilla.suse.com/989731
https://bugzilla.suse.com/989732
https://bugzilla.suse.com/989733
https://bugzilla.suse.com/989734
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2016:2052-1: important: Security update for java-1_7_0-openjdk
by opensuse-security@opensuse.org 11 Aug '16
by opensuse-security@opensuse.org 11 Aug '16
11 Aug '16
openSUSE Security Update: Security update for java-1_7_0-openjdk
______________________________________________________________________________
Announcement ID: openSUSE-SU-2016:2052-1
Rating: important
References: #982366 #984684 #988651 #989722 #989723 #989725
#989727 #989728 #989729 #989730 #989731 #989732
#989733 #989734
Cross-References: CVE-2016-3458 CVE-2016-3485 CVE-2016-3498
CVE-2016-3500 CVE-2016-3503 CVE-2016-3508
CVE-2016-3511 CVE-2016-3550 CVE-2016-3598
CVE-2016-3606 CVE-2016-3610
Affected Products:
openSUSE Leap 42.1
______________________________________________________________________________
An update that solves 11 vulnerabilities and has three
fixes is now available.
Description:
This update for java-1_7_0-openjdk fixes the following issues:
- Update to 2.6.7 - OpenJDK 7u111
* Security fixes
- S8079718, CVE-2016-3458: IIOP Input Stream Hooking (bsc#989732)
- S8145446, CVE-2016-3485: Perfect pipe placement (Windows
only) (bsc#989734)
- S8147771: Construction of static protection domains under Javax
custom policy
- S8148872, CVE-2016-3500: Complete name checking (bsc#989730)
- S8149962, CVE-2016-3508: Better delineation of XML processing
(bsc#989731)
- S8150752: Share Class Data
- S8151925: Font reference improvements
- S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)
- S8155981, CVE-2016-3606: Bolster bytecode verification (bsc#989722)
- S8155985, CVE-2016-3598: Persistent Parameter Processing (bsc#989723)
- S8158571, CVE-2016-3610: Additional method handle validation
(bsc#989725)
- CVE-2016-3511 (bsc#989727)
- CVE-2016-3503 (bsc#989728)
- CVE-2016-3498 (bsc#989729)
* Import of OpenJDK 7 u111 build 0
- S6953295: Move few sun.security.{util, x509, pkcs} classes used by
keytool/jarsigner to another package
- S7060849: Eliminate pack200 build warnings
- S7064075: Security libraries don't build with javac
-Xlint:all,-deprecation -Werror
- S7069870: Parts of the JDK erroneously rely on generic array
initializers with diamond
- S7102686: Restructure timestamp code so that jars and modules can
more easily share the same code
- S7105780: Add SSLSocket client/SSLEngine server to templates
directory
- S7142339: PKCS7.java is needlessly creating SHA1PRNG SecureRandom
instances when timestamping is not done
- S7152582: PKCS11 tests should use the NSS libraries available in the
OS
- S7192202: Make sure keytool prints both unknown and unparseable
extensions
- S7194449: String resources for Key Tool and Policy Tool should be in
their respective packages
- S7196855: autotest.sh fails on ubuntu because libsoftokn.so not found
- S7200682: TEST_BUG: keytool/autotest.sh still has problems with
libsoftokn.so
- S8002306: (se) Selector.open fails if invoked with thread interrupt
status set [win]
- S8009636: JARSigner including TimeStamp PolicyID (TSAPolicyID) as
defined in RFC3161
- S8019341: Update CookieHttpsClientTest to use the newer framework.
- S8022228: Intermittent test failures in
sun/security/ssl/javax/net/ssl/NewAPIs
- S8022439: Fix lint warnings in sun.security.ec
- S8022594: Potential deadlock in <clinit> of sun.nio.ch.Util/IOUtil
- S8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
- S8036612: [parfait] JNI exception pending in
jdk/src/windows/native/sun/security/mscapi/security.cpp
- S8037557: test SessionCacheSizeTests.java timeout
- S8038837: Add support to jarsigner for specifying timestamp hash
algorithm
- S8079410: Hotspot version to share the same update and build version
from JDK
- S8130735: javax.swing.TimerQueue: timer fires late when another
timer starts
- S8139436: sun.security.mscapi.KeyStore might load incomplete data
- S8144313: Test SessionTimeOutTests can be timeout
- S8146387: Test SSLSession/SessionCacheSizeTests socket accept timed
out
- S8146669: Test SessionTimeOutTests fails intermittently
- S8146993: Several javax/management/remote/mandatory regression tests
fail after JDK-8138811
- S8147857: [TEST] RMIConnector logs attribute names incorrectly
- S8151841, PR3098: Build needs additional flags to compile with GCC 6
- S8151876: (tz) Support tzdata2016d
- S8157077: 8u101 L10n resource file updates
- S8161262: Fix jdk build with gcc 4.1.2: -fno-strict-overflow not
known.
* Import of OpenJDK 7 u111 build 1
- S7081817:
test/sun/security/provider/certpath/X509CertPath/IllegalCertificates.java f
ailing
- S8140344: add support for 3 digit update release numbers
- S8145017: Add support for 3 digit hotspot minor version numbers
- S8162344: The API changes made by CR 7064075 need to be reverted
* Backports
- S2178143, PR2958: JVM crashes if the number of bound CPUs changed
during runtime
- S4900206, PR3101: Include worst-case rounding tests for Math library
functions
- S6260348, PR3067: GTK+ L&F JTextComponent not respecting desktop
caret blink rate
- S6934604, PR3075: enable parts of EliminateAutoBox by default
- S7043064, PR3020: sun/java2d/cmm/ tests failed against RI b141 &
b138-nightly
- S7051394, PR3020: NullPointerException when running regression tests
LoadProfileTest by using openjdk-7-b144
- S7086015, PR3013: fix
test/tools/javac/parser/netbeans/JavacParserTest.java
- S7119487, PR3013: JavacParserTest.java test fails on Windows
platforms
- S7124245, PR3020: [lcms] ColorConvertOp to color space CS_GRAY
apparently converts orange to 244,244,0
- S7159445, PR3013: (javac) emits inaccurate diagnostics for enhanced
for-loops
- S7175845, PR1437, RH1207129: 'jar uf' changes file permissions
unexpectedly
- S8005402, PR3020: Need to provide benchmarks for color management
- S8005530, PR3020: [lcms] Improve performance of ColorConverOp for
default destinations
- S8005930, PR3020: [lcms] ColorConvertOp: Alpha channel is not
transferred from source to destination.
- S8013430, PR3020: REGRESSION:
closed/java/awt/color/ICC_Profile/LoadProfileTest/LoadProfileTest.java fail
s with java.io.StreamCorruptedException: invalid type code: EE since
8b87
- S8014286, PR3075: failed java/lang/Math/DivModTests.java after
6934604 changes
- S8014959, PR3075: assert(Compile::current()->live_nodes() <
(uint)MaxNodeLimit) failed: Live Node limit exceeded limit
- S8019247, PR3075: SIGSEGV in compiled method
c8e.e.t_.getArray(Ljava/lang/Class;)[Ljava/lang/Object
- S8024511, PR3020: Crash during color profile destruction
- S8025429, PR3020: [parfait] warnings from b107 for sun.java2d.cmm:
JNI exception pending
- S8026702, PR3020: Fix for 8025429 breaks jdk build on windows
- S8026780, PR3020, RH1142587: Crash on PPC and PPC v2 for Java_awt
test suit
- S8047066, PR3020: Test test/sun/awt/image/bug8038000.java fails with
ClassCastException
- S8069181, PR3012, RH1015612: java.lang.AssertionError when compiling
JDK 1.4 code in JDK 8
- S8158260, PR2992, RH1341258: PPC64: unaligned Unsafe.getInt can lead
to the generation of illegal instructions (bsc#988651)
- S8159244, PR3075: Partially initialized string object created by
C2's string concat optimization may escape
* Bug fixes
- PR2799, RH1195203: Files are missing from resources.jar
- PR2900: Don't use WithSeed versions of NSS functions as they don't
fully process the seed
- PR3091: SystemTap is heavily confused by multiple JDKs
- PR3102: Extend 8022594 to AixPollPort
- PR3103: Handle case in clean-fonts where
linux.fontconfig.Gentoo.properties.old has not been created
- PR3111: Provide option to disable SystemTap tests
- PR3114: Don't assume system mime.types supports text/x-java-source
- PR3115: Add check for elliptic curve cryptography implementation
- PR3116: Add tests for Java debug info and source files
- PR3118: Path to agpl-3.0.txt not updated
- PR3119: Makefile handles cacerts as a symlink, but the configure
check doesn't
* AArch64 port
- S8148328, PR3100: aarch64: redundant lsr instructions in stub code.
- S8148783, PR3100: aarch64: SEGV running SpecJBB2013
- S8148948, PR3100: aarch64: generate_copy_longs calls align()
incorrectly
- S8150045, PR3100: arraycopy causes segfaults in SATB during garbage
collection
- S8154537, PR3100: AArch64: some integer rotate instructions are
never emitted
- S8154739, PR3100: AArch64: TemplateTable::fast_xaccess loads in
wrong mode
- S8157906, PR3100: aarch64: some more integer rotate instructions are
never emitted
- Enable SunEC for SLE12 and Leap (bsc#982366)
- Fix aarch64 running with 48 bits va space (bsc#984684)
This update was imported from the SUSE:SLE-12:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2016-977=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.1 (i586 x86_64):
java-1_7_0-openjdk-1.7.0.111-34.1
java-1_7_0-openjdk-accessibility-1.7.0.111-34.1
java-1_7_0-openjdk-bootstrap-1.7.0.111-34.1
java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.111-34.1
java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.111-34.1
java-1_7_0-openjdk-bootstrap-devel-1.7.0.111-34.1
java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.111-34.1
java-1_7_0-openjdk-bootstrap-headless-1.7.0.111-34.1
java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.111-34.1
java-1_7_0-openjdk-debuginfo-1.7.0.111-34.1
java-1_7_0-openjdk-debugsource-1.7.0.111-34.1
java-1_7_0-openjdk-demo-1.7.0.111-34.1
java-1_7_0-openjdk-demo-debuginfo-1.7.0.111-34.1
java-1_7_0-openjdk-devel-1.7.0.111-34.1
java-1_7_0-openjdk-devel-debuginfo-1.7.0.111-34.1
java-1_7_0-openjdk-headless-1.7.0.111-34.1
java-1_7_0-openjdk-headless-debuginfo-1.7.0.111-34.1
java-1_7_0-openjdk-src-1.7.0.111-34.1
- openSUSE Leap 42.1 (noarch):
java-1_7_0-openjdk-javadoc-1.7.0.111-34.1
References:
https://www.suse.com/security/cve/CVE-2016-3458.html
https://www.suse.com/security/cve/CVE-2016-3485.html
https://www.suse.com/security/cve/CVE-2016-3498.html
https://www.suse.com/security/cve/CVE-2016-3500.html
https://www.suse.com/security/cve/CVE-2016-3503.html
https://www.suse.com/security/cve/CVE-2016-3508.html
https://www.suse.com/security/cve/CVE-2016-3511.html
https://www.suse.com/security/cve/CVE-2016-3550.html
https://www.suse.com/security/cve/CVE-2016-3598.html
https://www.suse.com/security/cve/CVE-2016-3606.html
https://www.suse.com/security/cve/CVE-2016-3610.html
https://bugzilla.suse.com/982366
https://bugzilla.suse.com/984684
https://bugzilla.suse.com/988651
https://bugzilla.suse.com/989722
https://bugzilla.suse.com/989723
https://bugzilla.suse.com/989725
https://bugzilla.suse.com/989727
https://bugzilla.suse.com/989728
https://bugzilla.suse.com/989729
https://bugzilla.suse.com/989730
https://bugzilla.suse.com/989731
https://bugzilla.suse.com/989732
https://bugzilla.suse.com/989733
https://bugzilla.suse.com/989734
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2016:2051-1: important: Security update for java-1_8_0-openjdk
by opensuse-security@opensuse.org 11 Aug '16
by opensuse-security@opensuse.org 11 Aug '16
11 Aug '16
openSUSE Security Update: Security update for java-1_8_0-openjdk
______________________________________________________________________________
Announcement ID: openSUSE-SU-2016:2051-1
Rating: important
References: #984684 #987895 #988651 #989721 #989722 #989723
#989725 #989726 #989727 #989728 #989729 #989730
#989731 #989732 #989733 #989734
Cross-References: CVE-2016-3458 CVE-2016-3485 CVE-2016-3498
CVE-2016-3500 CVE-2016-3503 CVE-2016-3508
CVE-2016-3511 CVE-2016-3550 CVE-2016-3552
CVE-2016-3587 CVE-2016-3598 CVE-2016-3606
CVE-2016-3610
Affected Products:
openSUSE Leap 42.1
______________________________________________________________________________
An update that solves 13 vulnerabilities and has three
fixes is now available.
Description:
This update for java-1_8_0-openjdk fixes the following issues:
- Upgrade to version jdk8u101 (icedtea 3.1.0)
- New in release 3.1.0 (2016-07-25):
* Security fixes
- S8079718, CVE-2016-3458: IIOP Input Stream Hooking (bsc#989732)
- S8145446, CVE-2016-3485: Perfect pipe placement (Windows
only) (bsc#989734)
- S8146514: Enforce GCM limits
- S8147771: Construction of static protection domains under Javax
custom policy
- S8148872, CVE-2016-3500: Complete name checking (bsc#989730)
- S8149070: Enforce update ordering
- S8149962, CVE-2016-3508: Better delineation of XML processing
(bsc#989731)
- S8150752: Share Class Data
- S8151925: Font reference improvements
- S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)
- S8153312: Constrain AppCDS behavior
- S8154475, CVE-2016-3587: Clean up lookup visibility (bsc#989721)
- S8155981, CVE-2016-3606: Bolster bytecode verification (bsc#989722)
- S8155985, CVE-2016-3598: Persistent Parameter Processing (bsc#989723)
- S8158571, CVE-2016-3610: Additional method handle validation
(bsc#989725)
- CVE-2016-3552 (bsc#989726)
- CVE-2016-3511 (bsc#989727)
- CVE-2016-3503 (bsc#989728)
- CVE-2016-3498 (bsc#989729)
* New features
- S8145547, PR1061: [AWT/Swing] Conditional support for GTK 3
on Linux
- PR2821: Support building OpenJDK with --disable-headful
- PR2931, G478960: Provide Infinality Support via fontconfig
- PR3079: Provide option to build Shenandoah on x86_64
* Import of OpenJDK 8 u92 build 14
- S6869327: Add new C2 flag to keep safepoints in counted loops.
- S8022865: [TESTBUG] Compressed Oops testing needs to be revised
- S8029630: Thread id should be displayed as a hex number in error
report
- S8029726: On OS X some dtrace probe names are mismatched with Solaris
- S8029727: On OS X dtrace probes Call<type>MethodA/Call<type>MethodV
are not fired.
- S8029728: On OS X dtrace probes SetStaticBooleanField are not fired
- S8038184: XMLSignature throws StringIndexOutOfBoundsException if ID
attribute value is empty String
- S8038349: Signing XML with DSA throws Exception when key is larger
than 1024 bits
- S8041501: ImageIO reader is not capable of reading JPEGs without
JFIF header
- S8041900: [macosx] Java forces the use of discrete GPU
- S8044363: Remove special build options for unpack200 executable
- S8046471: Use OPENJDK_TARGET_CPU_ARCH instead of legacy value for
hotspot ARCH
- S8046611: Build errors with gcc on sparc/fastdebug
- S8047763: Recognize sparc64 as a sparc platform
- S8048232: Fix for 8046471 breaks PPC64 build
- S8052396: Catch exceptions resulting from missing font cmap
- S8058563: InstanceKlass::_dependencies list isn't cleared from empty
nmethodBucket entries
- S8061624: [TESTBUG] Some tests cannot be ran under compact profiles
and therefore shall be excluded
- S8062901: Iterators is spelled incorrectly in the Javadoc for
Spliterator
- S8064330: Remove SHA224 from the default support list if SunMSCAPI
enabled
- S8065579: WB method to start G1 concurrent mark cycle should be
introduced
- S8065986: Compiler fails to NullPointerException when calling super
with Object<>()
- S8066974: Compiler doesn't infer method's generic type information
in lambda body
- S8067800: Clarify java.time.chrono.Chronology.isLeapYear for
out of range years
- S8068033: JNI exception pending in jdk/src/share/bin/java.c
- S8068042: Check jdk/src/share/native/sun/misc/URLClassPath.c for JNI
pending
- S8068162: jvmtiRedefineClasses.cpp: guarantee(false) failed: OLD
and/or OBSOLETE method(s) found
- S8068254: Method reference uses wrong qualifying type
- S8074696: Remote debugging session hangs for several minutes when
calling findBootType
- S8074935: jdk8 keytool doesn't validate pem files for RFC 1421
correctness, as jdk7 did
- S8078423: [TESTBUG] javax/print/PrintSEUmlauts/PrintSEUmlauts.java
relies on system locale
- S8080492: [Parfait] Uninitialised variable in
jdk/src/java/desktop/windows/native/libawt/
- S8080650: Enable stubs to use frame pointers correctly
- S8122944: perfdata used is seen as too high on sparc zone with
jdk1.9 and causes a test failure
- S8129348: Debugger hangs in trace mode with TRACE_SENDS
- S8129847: Compiling methods generated by Nashorn triggers high
memory usage in C2
- S8130506: javac AssertionError when invoking MethodHandle.invoke
with lambda parameter
- S8130910: hsperfdata file is created in wrong directory and not
cleaned up if /tmp/hsperfdata_<username> has wrong permissions
- S8131129: Attempt to define a duplicate BMH$Species class
- S8131665: Bad exception message in HandshakeHash.getFinishedHash
- S8131782: C1 Class.cast optimization breaks when Class is loaded
from static final
- S8132503: [macosx] Chinese full stop symbol cannot be entered with
Pinyin IM on OS X
- S8133207: ParallelProbes.java test fails after changes for
JDK-8080115
- S8133924: NPE may be thrown when xsltc select a non-existing node
after JDK-8062518
- S8134007: Improve string folding
- S8134759: jdb: Incorrect stepping inside finally block
- S8134963: [Newtest] New stress test for changing the coarseness
level of G1 remembered set
- S8136442: Don't tie Certificate signature algorithms to ciphersuites
- S8137106: EUDC (End User Defined Characters) are not displayed
on Windows with Java 8u60+
- S8138745: Implement ExitOnOutOfMemory and CrashOnOutOfMemory in
HotSpot
- S8138764: In some cases the usage of TreeLock can be replaced by
other synchronization
- S8139373: [TEST_BUG] java/net/MulticastSocket/MultiDead.java failed
with timeout
- S8139424: SIGSEGV, Problematic frame: # V [libjvm.so+0xd0c0cc] void
InstanceKlass::oop_oop_iterate_oop_maps_specialized<true,oopDesc*,MarkAndPu
shClosure>
- S8139436: sun.security.mscapi.KeyStore might load incomplete data
- S8139751: Javac crash with -XDallowStringFolding=false
- S8139863: [TESTBUG] Need to port tests for JDK-8134903 to 8u-dev
- S8139985: JNI exception pending in
jdk/src/jdk/hprof/agent/share/native/libhprof
- S8140031: SA: Searching for a value in Threads does not work
- S8140249: JVM Crashing During startUp If Flight Recording is enabled
- S8140344: add support for 3 digit update release numbers
- S8140587: Atomic*FieldUpdaters should use Class.isInstance instead
of direct class check
- S8141260: isReachable crash in windows xp
- S8143297: Nashorn compilation time reported in nanoseconds
- S8143397: It looks like InetAddress.isReachable(timeout) works
incorrectly
- S8143855: Bad printf formatting in frame_zero.cpp
- S8143896: java.lang.Long is implicitly converted to double
- S8143963: improve ClassLoader::trace_class_path to accept an
additional outputStream* arg
- S8144020: Remove long as an internal numeric type
- S8144131: ArrayData.getInt implementations do not convert to int32
- S8144483: One long Safepoint pause directly after each GC log
rotation
- S8144487: PhaseIdealLoop::build_and_optimize() must restore
major_progress flag if skip_loop_opts is true
- S8144885: agent/src/os/linux/libproc.h needs to support Linux/SPARC
builds
- S8144935: C2: safepoint is pruned from a non-counted loop
- S8144937: [TEST_BUG] testlibrary_tests should be excluded for
compact1 and compact2 execution
- S8145017: Add support for 3 digit hotspot minor version numbers
- S8145099: Better error message when SA can't attach to a process
- S8145442: Add the facility to verify remembered sets for G1
- S8145466: javac: No line numbers in compilation error
- S8145539: (coll) AbstractMap.keySet and .values should not be
volatile
- S8145550: Megamorphic invoke should use CompiledFunction variants
without any LinkLogic
- S8145669: apply2call optimized callsite fails after becoming
megamorphic
- S8145722: NullPointerException in javadoc
- S8145754: PhaseIdealLoop::is_scaled_iv_plus_offset() does not match
AddI
- S8146147: Java linker indexed property getter does not work for
computed nashorn string
- S8146566: OpenJDK build can't handle commas in LDFLAGS
- S8146725: Issues with
SignatureAndHashAlgorithm.getSupportedAlgorithms
- S8146979: Backport of 8046471 breaks ppc64 build in jdk8u because
8072383 was badly backported before
- S8147087: Race when reusing PerRegionTable bitmaps may result in
dropped remembered set entries
- S8147630: Wrong test result pushed to 8u-dev
- S8147845: Varargs Array functions still leaking longs
- S8147857: RMIConnector logs attribute names incorrectly
- S8148353: [linux-sparc] Crash in libawt.so on Linux SPARC
- S8150791: 8u76 L10n resource file translation update
* Import of OpenJDK 8 u101 build 13
- S6483657: MSCAPI provider does not create unique alias names
- S6675699: need comprehensive fix for unconstrained ConvI2L with
narrowed type
- S8037557: test SessionCacheSizeTests.java timeout
- S8038837: Add support to jarsigner for specifying timestamp hash
algorithm
- S8081778: Use Intel x64 CPU instructions for RSA acceleration
- S8130150: Implement BigInteger.montgomeryMultiply intrinsic
- S8130735: javax.swing.TimerQueue: timer fires late when another
timer starts
- S8143913: MSCAPI keystore should accept Certificate[] in setEntry()
- S8144313: Test SessionTimeOutTests can be timeout
- S8146240: Three nashorn files contain "GNU General Public License"
header
- S8146387: Test SSLSession/SessionCacheSizeTests socket accept timed
out
- S8146669: Test SessionTimeOutTests fails intermittently
- S8146993: Several javax/management/remote/mandatory regression tests
fail after JDK-8138811
- S8147994: [macosx] JScrollPane jitters up/down during trackpad
scrolling on MacOS/Aqua
- S8151522: Disable 8130150 and 8081778 intrinsics by default
- S8151876: (tz) Support tzdata2016d
- S8152098: Fix 8151522 caused test
compiler/intrinsics/squaretolen/TestSquareToLen.java to fail
- S8157077: 8u101 L10n resource file updates
* Backports
- S6260348, PR3066: GTK+ L&F JTextComponent not respecting desktop
caret blink rate
- S6778087, PR1061: getLocationOnScreen() always returns (0, 0) for
mouse wheel events
- S6961123, PR2972: setWMClass fails to null-terminate WM_CLASS string
- S8008657, PR3077: JSpinner setComponentOrientation doesn't affect on
text orientation
- S8014212, PR2866: Robot captures black screen
- S8029339, PR1061: Custom MultiResolution image support on HiDPI
displays
- S8031145, PR3077: Re-examine closed i18n tests to see it they can be
moved to the jdk repository.
- S8034856, PR3095: gcc warnings compiling
src/solaris/native/sun/security/pkcs11
- S8034857, PR3095: gcc warnings compiling
src/solaris/native/sun/management
- S8035054, PR3095: JarFacade.c should not include ctype.h
- S8035287, PR3095: gcc warnings compiling various libraries files
- S8038631, PR3077: Create wrapper for awt.Robot with additional
functionality
- S8039279, PR3077: Move awt tests to openjdk repository
- S8041561, PR3077: Inconsistent opacity behaviour between JCheckBox
and JRadioButton
- S8041592, PR3077: [TEST_BUG] Move 42 AWT hw/lw mixing tests to jdk
- S8041915, PR3077: Move 8 awt tests to OpenJDK regression tests tree
- S8043126, PR3077: move awt automated functional tests from
AWT_Events/Lw and AWT_Events/AWT to OpenJDK repository
- S8043131, PR3077: Move ShapedAndTranslucentWindows and GC functional
AWT tests to regression tree
- S8044157, PR3077: [TEST_BUG] Improve recently submitted AWT_Mixing
tests
- S8044172, PR3077: [TEST_BUG] Move regtests for 4523758 and
AltPlusNumberKeyCombinationsTest to jdk
- S8044429, PR3077: move awt automated tests for AWT_Modality to
OpenJDK repository
- S8044762, PR2960: com/sun/jdi/OptionTest.java test time out
- S8044765, PR3077: Move functional tests AWT_SystemTray/Automated to
openjdk repository
- S8047180, PR3077: Move functional tests AWT_Headless/Automated to
OpenJDK repository
- S8047367, PR3077: move awt automated tests from AWT_Modality to
OpenJDK repository - part 2
- S8048246, PR3077: Move AWT_DnD/Clipboard/Automated functional tests
to OpenJDK
- S8049226, PR2960: com/sun/jdi/OptionTest.java test times out again
- S8049617, PR3077: move awt automated tests from AWT_Modality to
OpenJDK repository - part 3
- S8049694, PR3077: Migrate functional AWT_DesktopProperties/Automated
tests to OpenJDK
- S8050885, PR3077: move awt automated tests from AWT_Modality to
OpenJDK repository - part 4
- S8051440, PR3077: move tests about maximizing undecorated to OpenJDK
- S8052012, PR3077: move awt automated tests from AWT_Modality to
OpenJDK repository - part 5
- S8052408, PR3077: Move AWT_BAT functional tests to OpenJDK (3
of 3)
- S8053657, PR3077: [TEST_BUG] move some 5 tests related to
undecorated Frame/JFrame to JDK
- S8054143, PR3077: move awt automated tests from AWT_Modality to
OpenJDK repository - part 6
- S8054358, PR3077: move awt automated tests from AWT_Modality to
OpenJDK repository - part 7
- S8054359, PR3077: move awt automated tests from AWT_Modality to
OpenJDK repository - part 8
- S8055360, PR3077: Move the rest part of AWT ShapedAndTranslucent
tests to OpenJDK
- S8055664, PR3077: move 14 tests about setLocationRelativeTo to jdk
- S8055836, PR3077: move awt tests from AWT_Modality to OpenJDK
repository - part 9
- S8056911, PR3077: Remove internal API usage from ExtendedRobot class
- S8057694, PR3077: move awt tests from AWT_Modality to OpenJDK
repository - part 10
- S8058959, PR1061:
closed/java/awt/event/ComponentEvent/MovedResizedTwiceTest/MovedResizedTwic
eTest.java failed automatically
- S8062606, PR3077: Fix a typo in java.awt.Robot class
- S8063102, PR3077: Change open awt regression tests to avoid
sun.awt.SunToolkit.realSync, part 1
- S8063104, PR3077: Change open awt regression tests to avoid
sun.awt.SunToolkit.realSync, part 2
- S8063106, PR3077: Change open swing regression tests to avoid
sun.awt.SunToolkit.realSync, part 1
- S8063107, PR3077: Change open swing regression tests to avoid
sun.awt.SunToolkit.realSync, part 2
- S8064573, PR3077: [TEST_BUG]
javax/swing/text/AbstractDocument/6968363/Test6968363.java is
asocial pressing VK_LEFT and not releasing
- S8064575, PR3077: [TEST_BUG]
javax/swing/JEditorPane/6917744/bug6917744.java 100 times press keys
and never releases
- S8064809, PR3077: [TEST_BUG]
javax/swing/JComboBox/4199622/bug4199622.java contains a lot of
keyPress and not a single keyRelease
- S8067441, PR3077: Some tests fails with error: cannot find symbol
getSystemMnemonicKeyCodes()
- S8068228, PR3077: Test
closed/java/awt/Mouse/MaximizedFrameTest/MaximizedFrameTest fails
with GTKLookAndFeel
- S8069361, PR1061: SunGraphics2D.getDefaultTransform() does not
include scale factor
- S8073320, PR1061: Windows HiDPI Graphics support
- S8074807, PR3077: Fix some tests unnecessary using internal API
- S8076315, PR3077: move 4 manual functional swing tests to regression
suite
- S8078504, PR3094: Zero lacks declaration of VM_Version::initialize()
- S8129822, PR3077: Define "headful" jtreg keyword
- S8132123, PR1061: MultiResolutionCachedImage unnecessarily creates
base image to get its size
- S8133539, PR1061: [TEST_BUG] Split
java/awt/image/MultiResolutionImageTest.java in two to allow
restricted access
- S8137571, PR1061: Linux HiDPI Graphics support
- S8142406, PR1061: [TEST] MultiResolution image: need test to cover
the case when @2x image is corrupted
- S8145188, PR2945: No LocalVariableTable generated for the entire JDK
- S8150258, PR1061: [TEST] HiDPI: create a test for multiresolution
menu items icons
- S8150724, PR1061: [TEST] HiDPI: create a test for multiresolution
icons
- S8150844, PR1061: [hidpi] [macosx] -Dsun.java2d.uiScale should be
taken into account for OS X
- S8151841, PR2882: Build needs additional flags to compile with GCC 6
[plus parts of 8149647 & 8032045]
- S8155613, PR1061: [PIT] crash in
AWT_Desktop/Automated/Exceptions/BasicTest
- S8156020, PR1061: 8145547 breaks AIX and and uses RTLD_NOLOAD
incorrectly
- S8156128, PR1061: Tests for [AWT/Swing] Conditional support for GTK
3 on Linux
- S8158260, PR2991, RH1341258: PPC64: unaligned Unsafe.getInt can lead
to the generation of illegal instructions (bsc#988651)
- S8159244, PR3074: Partially initialized string object created by
C2's string concat optimization may escape
- S8159690, PR3077: [TESTBUG] Mark headful tests with @key headful.
- S8160294, PR2882, PR3095: Some client libraries cannot be built with
GCC 6
* Bug fixes
- PR1958: GTKLookAndFeel does not honor gtk-alternative-button-order
- PR2822: Feed LIBS & CFLAGS into configure rather than make to avoid
re-discovery by OpenJDK configure
- PR2932: Support ccache in a non-automagic manner
- PR2933: Support ccache 3.2 and later
- PR2964: Set system defaults based on OS
- PR2974, RH1337583: PKCS#10 certificate requests now use CRLF line
endings rather than system line endings
- PR3078: Remove duplicated line dating back to 6788347 and 6894807
- PR3083, RH1346460: Regression in SSL debug output without an ECC
provider
- PR3089: Remove old memory limits patch
- PR3090, RH1204159: SystemTap is heavily confused by multiple JDKs
- PR3095: Fix warnings in URLClassPath.c
- PR3096: Remove dead --disable-optimizations option
- PR3105: Use version from hotspot.map to create tarball filename
- PR3106: Handle both correctly-spelt property
"enableCustomValueHandler" introduced by S8079718 and typo version
- PR3108: Shenandoah patches not included in release tarball
- PR3110: Update hotspot.map documentation in INSTALL
* AArch64 port
- S8145320, PR3078: Create unsafe_arraycopy and generic_arraycopy for
AArch64
- S8148328, PR3078: aarch64: redundant lsr instructions in stub code.
- S8148783, PR3078: aarch64: SEGV running SpecJBB2013
- S8148948, PR3078: aarch64: generate_copy_longs calls align()
incorrectly
- S8149080, PR3078: AArch64: Recognise disjoint array copy in stub code
- S8149365, PR3078: aarch64: memory copy does not prefetch on
backwards copy
- S8149907, PR3078: aarch64: use load/store pair instructions in
call_stub
- S8150038, PR3078: aarch64: make use of CBZ and CBNZ when comparing
narrow pointer with zero
- S8150045, PR3078: arraycopy causes segfaults in SATB during garbage
collection
- S8150082, PR3078: aarch64: optimise small array copy
- S8150229, PR3078: aarch64: pipeline class for several instructions
is not set correctly
- S8150313, PR3078: aarch64: optimise array copy using SIMD
instructions
- S8150394, PR3078: aarch64: add support for 8.1 LSE CAS instructions
- S8151340, PR3078: aarch64: prefetch the destination word for write
prior to ldxr/stxr loops.
- S8151502, PR3078: optimize pd_disjoint_words and pd_conjoint_words
- S8151775, PR3078: aarch64: add support for 8.1 LSE atomic
operations
- S8152537, PR3078: aarch64: Make use of CBZ and CBNZ when comparing
unsigned values with zero.
- S8152840, PR3078: aarch64: improve _unsafe_arraycopy stub routine
- S8153713, PR3078: aarch64: improve short array clearing using store
pair
- S8153797, PR3078: aarch64: Add Arrays.fill stub code
- S8154537, PR3078: AArch64: some integer rotate instructions are
never emitted
- S8154739, PR3078: AArch64: TemplateTable::fast_xaccess loads in
wrong mode
- S8155015, PR3078: Aarch64: bad assert in spill generation code
- S8155100, PR3078: AArch64: Relax alignment requirement for
byte_map_base
- S8155612, PR3078: Aarch64: vector nodes need to support misaligned
offset
- S8155617, PR3078: aarch64: ClearArray does not use DC ZVA
- S8155653, PR3078: TestVectorUnalignedOffset.java not pushed with
8155612
- S8156731, PR3078: aarch64: java/util/Arrays/Correct.java fails due
to _generic_arraycopy stub routine
- S8157841, PR3078: aarch64: prefetch ignores cache line size
- S8157906, PR3078: aarch64: some more integer rotate instructions are
never emitted
- S8158913, PR3078: aarch64: SEGV running Spark terasort
- S8159052, PR3078: aarch64: optimise unaligned copies in
pd_disjoint_words and pd_conjoint_words
- S8159063, PR3078: aarch64: optimise unaligned array copy long
- PR3078: Cleanup remaining differences from aarch64/jdk8u tree
- Fix script linking /usr/share/javazi/tzdb.dat for platform where it
applies (bsc#987895)
- Fix aarch64 running with 48 bits va space (bsc#984684)
avoid some crashes
This update was imported from the SUSE:SLE-12-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2016-978=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.1 (i586 x86_64):
java-1_8_0-openjdk-1.8.0.101-15.1
java-1_8_0-openjdk-accessibility-1.8.0.101-15.1
java-1_8_0-openjdk-debuginfo-1.8.0.101-15.1
java-1_8_0-openjdk-debugsource-1.8.0.101-15.1
java-1_8_0-openjdk-demo-1.8.0.101-15.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.101-15.1
java-1_8_0-openjdk-devel-1.8.0.101-15.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.101-15.1
java-1_8_0-openjdk-headless-1.8.0.101-15.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.101-15.1
java-1_8_0-openjdk-src-1.8.0.101-15.1
- openSUSE Leap 42.1 (noarch):
java-1_8_0-openjdk-javadoc-1.8.0.101-15.1
References:
https://www.suse.com/security/cve/CVE-2016-3458.html
https://www.suse.com/security/cve/CVE-2016-3485.html
https://www.suse.com/security/cve/CVE-2016-3498.html
https://www.suse.com/security/cve/CVE-2016-3500.html
https://www.suse.com/security/cve/CVE-2016-3503.html
https://www.suse.com/security/cve/CVE-2016-3508.html
https://www.suse.com/security/cve/CVE-2016-3511.html
https://www.suse.com/security/cve/CVE-2016-3550.html
https://www.suse.com/security/cve/CVE-2016-3552.html
https://www.suse.com/security/cve/CVE-2016-3587.html
https://www.suse.com/security/cve/CVE-2016-3598.html
https://www.suse.com/security/cve/CVE-2016-3606.html
https://www.suse.com/security/cve/CVE-2016-3610.html
https://bugzilla.suse.com/984684
https://bugzilla.suse.com/987895
https://bugzilla.suse.com/988651
https://bugzilla.suse.com/989721
https://bugzilla.suse.com/989722
https://bugzilla.suse.com/989723
https://bugzilla.suse.com/989725
https://bugzilla.suse.com/989726
https://bugzilla.suse.com/989727
https://bugzilla.suse.com/989728
https://bugzilla.suse.com/989729
https://bugzilla.suse.com/989730
https://bugzilla.suse.com/989731
https://bugzilla.suse.com/989732
https://bugzilla.suse.com/989733
https://bugzilla.suse.com/989734
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2016:2050-1: important: Security update for java-1_7_0-openjdk
by opensuse-security@opensuse.org 11 Aug '16
by opensuse-security@opensuse.org 11 Aug '16
11 Aug '16
openSUSE Security Update: Security update for java-1_7_0-openjdk
______________________________________________________________________________
Announcement ID: openSUSE-SU-2016:2050-1
Rating: important
References: #988651 #989722 #989723 #989725 #989727 #989728
#989729 #989730 #989731 #989732 #989733 #989734
Cross-References: CVE-2016-3458 CVE-2016-3485 CVE-2016-3498
CVE-2016-3500 CVE-2016-3503 CVE-2016-3508
CVE-2016-3511 CVE-2016-3550 CVE-2016-3598
CVE-2016-3606 CVE-2016-3610
Affected Products:
openSUSE 13.2
______________________________________________________________________________
An update that solves 11 vulnerabilities and has one errata
is now available.
Description:
This update for java-1_7_0-openjdk fixes the following issues:
- Update to 2.6.7 - OpenJDK 7u111
* Security fixes
- S8079718, CVE-2016-3458: IIOP Input Stream Hooking (bsc#989732)
- S8145446, CVE-2016-3485: Perfect pipe placement (Windows
only) (bsc#989734)
- S8147771: Construction of static protection domains under Javax
custom policy
- S8148872, CVE-2016-3500: Complete name checking (bsc#989730)
- S8149962, CVE-2016-3508: Better delineation of XML processing
(bsc#989731)
- S8150752: Share Class Data
- S8151925: Font reference improvements
- S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)
- S8155981, CVE-2016-3606: Bolster bytecode verification (bsc#989722)
- S8155985, CVE-2016-3598: Persistent Parameter Processing (bsc#989723)
- S8158571, CVE-2016-3610: Additional method handle validation
(bsc#989725)
- CVE-2016-3511 (bsc#989727)
- CVE-2016-3503 (bsc#989728)
- CVE-2016-3498 (bsc#989729)
* Import of OpenJDK 7 u111 build 0
- S6953295: Move few sun.security.{util, x509, pkcs} classes used by
keytool/jarsigner to another package
- S7060849: Eliminate pack200 build warnings
- S7064075: Security libraries don't build with javac
-Xlint:all,-deprecation -Werror
- S7069870: Parts of the JDK erroneously rely on generic array
initializers with diamond
- S7102686: Restructure timestamp code so that jars and modules can
more easily share the same code
- S7105780: Add SSLSocket client/SSLEngine server to templates
directory
- S7142339: PKCS7.java is needlessly creating SHA1PRNG SecureRandom
instances when timestamping is not done
- S7152582: PKCS11 tests should use the NSS libraries available in the
OS
- S7192202: Make sure keytool prints both unknown and unparseable
extensions
- S7194449: String resources for Key Tool and Policy Tool should be in
their respective packages
- S7196855: autotest.sh fails on ubuntu because libsoftokn.so not found
- S7200682: TEST_BUG: keytool/autotest.sh still has problems with
libsoftokn.so
- S8002306: (se) Selector.open fails if invoked with thread interrupt
status set [win]
- S8009636: JARSigner including TimeStamp PolicyID (TSAPolicyID) as
defined in RFC3161
- S8019341: Update CookieHttpsClientTest to use the newer framework.
- S8022228: Intermittent test failures in
sun/security/ssl/javax/net/ssl/NewAPIs
- S8022439: Fix lint warnings in sun.security.ec
- S8022594: Potential deadlock in <clinit> of sun.nio.ch.Util/IOUtil
- S8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
- S8036612: [parfait] JNI exception pending in
jdk/src/windows/native/sun/security/mscapi/security.cpp
- S8037557: test SessionCacheSizeTests.java timeout
- S8038837: Add support to jarsigner for specifying timestamp hash
algorithm
- S8079410: Hotspot version to share the same update and build version
from JDK
- S8130735: javax.swing.TimerQueue: timer fires late when another
timer starts
- S8139436: sun.security.mscapi.KeyStore might load incomplete data
- S8144313: Test SessionTimeOutTests can be timeout
- S8146387: Test SSLSession/SessionCacheSizeTests socket accept timed
out
- S8146669: Test SessionTimeOutTests fails intermittently
- S8146993: Several javax/management/remote/mandatory regression tests
fail after JDK-8138811
- S8147857: [TEST] RMIConnector logs attribute names incorrectly
- S8151841, PR3098: Build needs additional flags to compile with GCC 6
- S8151876: (tz) Support tzdata2016d
- S8157077: 8u101 L10n resource file updates
- S8161262: Fix jdk build with gcc 4.1.2: -fno-strict-overflow not
known.
* Import of OpenJDK 7 u111 build 1
- S7081817:
test/sun/security/provider/certpath/X509CertPath/IllegalCertificates.java f
ailing
- S8140344: add support for 3 digit update release numbers
- S8145017: Add support for 3 digit hotspot minor version numbers
- S8162344: The API changes made by CR 7064075 need to be reverted
* Backports
- S2178143, PR2958: JVM crashes if the number of bound CPUs changed
during runtime
- S4900206, PR3101: Include worst-case rounding tests for Math library
functions
- S6260348, PR3067: GTK+ L&F JTextComponent not respecting desktop
caret blink rate
- S6934604, PR3075: enable parts of EliminateAutoBox by default
- S7043064, PR3020: sun/java2d/cmm/ tests failed against RI b141 &
b138-nightly
- S7051394, PR3020: NullPointerException when running regression tests
LoadProfileTest by using openjdk-7-b144
- S7086015, PR3013: fix
test/tools/javac/parser/netbeans/JavacParserTest.java
- S7119487, PR3013: JavacParserTest.java test fails on Windows
platforms
- S7124245, PR3020: [lcms] ColorConvertOp to color space CS_GRAY
apparently converts orange to 244,244,0
- S7159445, PR3013: (javac) emits inaccurate diagnostics for enhanced
for-loops
- S7175845, PR1437, RH1207129: 'jar uf' changes file permissions
unexpectedly
- S8005402, PR3020: Need to provide benchmarks for color management
- S8005530, PR3020: [lcms] Improve performance of ColorConverOp for
default destinations
- S8005930, PR3020: [lcms] ColorConvertOp: Alpha channel is not
transferred from source to destination.
- S8013430, PR3020: REGRESSION:
closed/java/awt/color/ICC_Profile/LoadProfileTest/LoadProfileTest.java fail
s with java.io.StreamCorruptedException: invalid type code: EE since
8b87
- S8014286, PR3075: failed java/lang/Math/DivModTests.java after
6934604 changes
- S8014959, PR3075: assert(Compile::current()->live_nodes() <
(uint)MaxNodeLimit) failed: Live Node limit exceeded limit
- S8019247, PR3075: SIGSEGV in compiled method
c8e.e.t_.getArray(Ljava/lang/Class;)[Ljava/lang/Object
- S8024511, PR3020: Crash during color profile destruction
- S8025429, PR3020: [parfait] warnings from b107 for sun.java2d.cmm:
JNI exception pending
- S8026702, PR3020: Fix for 8025429 breaks jdk build on windows
- S8026780, PR3020, RH1142587: Crash on PPC and PPC v2 for Java_awt
test suit
- S8047066, PR3020: Test test/sun/awt/image/bug8038000.java fails with
ClassCastException
- S8069181, PR3012, RH1015612: java.lang.AssertionError when compiling
JDK 1.4 code in JDK 8
- S8158260, PR2992, RH1341258: PPC64: unaligned Unsafe.getInt can lead
to the generation of illegal instructions (bsc#988651)
- S8159244, PR3075: Partially initialized string object created by
C2's string concat optimization may escape
* Bug fixes
- PR2799, RH1195203: Files are missing from resources.jar
- PR2900: Don't use WithSeed versions of NSS functions as they don't
fully process the seed
- PR3091: SystemTap is heavily confused by multiple JDKs
- PR3102: Extend 8022594 to AixPollPort
- PR3103: Handle case in clean-fonts where
linux.fontconfig.Gentoo.properties.old has not been created
- PR3111: Provide option to disable SystemTap tests
- PR3114: Don't assume system mime.types supports text/x-java-source
- PR3115: Add check for elliptic curve cryptography implementation
- PR3116: Add tests for Java debug info and source files
- PR3118: Path to agpl-3.0.txt not updated
- PR3119: Makefile handles cacerts as a symlink, but the configure
check doesn't
* AArch64 port
- S8148328, PR3100: aarch64: redundant lsr instructions in stub code.
- S8148783, PR3100: aarch64: SEGV running SpecJBB2013
- S8148948, PR3100: aarch64: generate_copy_longs calls align()
incorrectly
- S8150045, PR3100: arraycopy causes segfaults in SATB during garbage
collection
- S8154537, PR3100: AArch64: some integer rotate instructions are
never emitted
- S8154739, PR3100: AArch64: TemplateTable::fast_xaccess loads in
wrong mode
- S8157906, PR3100: aarch64: some more integer rotate instructions are
never emitted
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2016-976=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.2 (i586 x86_64):
java-1_7_0-openjdk-1.7.0.111-25.1
java-1_7_0-openjdk-accessibility-1.7.0.111-25.1
java-1_7_0-openjdk-bootstrap-1.7.0.111-25.1
java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.111-25.1
java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.111-25.1
java-1_7_0-openjdk-bootstrap-devel-1.7.0.111-25.1
java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.111-25.1
java-1_7_0-openjdk-bootstrap-headless-1.7.0.111-25.1
java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.111-25.1
java-1_7_0-openjdk-debuginfo-1.7.0.111-25.1
java-1_7_0-openjdk-debugsource-1.7.0.111-25.1
java-1_7_0-openjdk-demo-1.7.0.111-25.1
java-1_7_0-openjdk-demo-debuginfo-1.7.0.111-25.1
java-1_7_0-openjdk-devel-1.7.0.111-25.1
java-1_7_0-openjdk-devel-debuginfo-1.7.0.111-25.1
java-1_7_0-openjdk-headless-1.7.0.111-25.1
java-1_7_0-openjdk-headless-debuginfo-1.7.0.111-25.1
java-1_7_0-openjdk-src-1.7.0.111-25.1
- openSUSE 13.2 (noarch):
java-1_7_0-openjdk-javadoc-1.7.0.111-25.1
References:
https://www.suse.com/security/cve/CVE-2016-3458.html
https://www.suse.com/security/cve/CVE-2016-3485.html
https://www.suse.com/security/cve/CVE-2016-3498.html
https://www.suse.com/security/cve/CVE-2016-3500.html
https://www.suse.com/security/cve/CVE-2016-3503.html
https://www.suse.com/security/cve/CVE-2016-3508.html
https://www.suse.com/security/cve/CVE-2016-3511.html
https://www.suse.com/security/cve/CVE-2016-3550.html
https://www.suse.com/security/cve/CVE-2016-3598.html
https://www.suse.com/security/cve/CVE-2016-3606.html
https://www.suse.com/security/cve/CVE-2016-3610.html
https://bugzilla.suse.com/988651
https://bugzilla.suse.com/989722
https://bugzilla.suse.com/989723
https://bugzilla.suse.com/989725
https://bugzilla.suse.com/989727
https://bugzilla.suse.com/989728
https://bugzilla.suse.com/989729
https://bugzilla.suse.com/989730
https://bugzilla.suse.com/989731
https://bugzilla.suse.com/989732
https://bugzilla.suse.com/989733
https://bugzilla.suse.com/989734
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0