openSUSE Security Announce
Threads by month
- ----- 2024 -----
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
June 2016
- 1 participants
- 62 discussions
[security-announce] SUSE-SU-2016:1710-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 30 Jun '16
by opensuse-security@opensuse.org 30 Jun '16
30 Jun '16
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:1710-1
Rating: important
References: #986362
Cross-References: CVE-2016-4998
Affected Products:
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Desktop 12
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
The SUSE Linux Enterprise 12 GA kernel was updated to receive one critical
security fix.
Security issue fixed:
- CVE-2016-4997: A buffer overflow in 32bit compat_setsockopt iptables
handling could lead to a local privilege escalation. (bsc#986362)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12:
zypper in -t patch SUSE-SLE-WE-12-2016-1013=1
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2016-1013=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2016-1013=1
- SUSE Linux Enterprise Module for Public Cloud 12:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-1013=1
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1013=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2016-1013=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12 (x86_64):
kernel-default-debuginfo-3.12.60-52.54.2
kernel-default-debugsource-3.12.60-52.54.2
kernel-default-extra-3.12.60-52.54.2
kernel-default-extra-debuginfo-3.12.60-52.54.2
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
kernel-obs-build-3.12.60-52.54.3
kernel-obs-build-debugsource-3.12.60-52.54.3
- SUSE Linux Enterprise Software Development Kit 12 (noarch):
kernel-docs-3.12.60-52.54.3
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
kernel-default-3.12.60-52.54.2
kernel-default-base-3.12.60-52.54.2
kernel-default-base-debuginfo-3.12.60-52.54.2
kernel-default-debuginfo-3.12.60-52.54.2
kernel-default-debugsource-3.12.60-52.54.2
kernel-default-devel-3.12.60-52.54.2
kernel-syms-3.12.60-52.54.1
- SUSE Linux Enterprise Server 12 (x86_64):
kernel-xen-3.12.60-52.54.2
kernel-xen-base-3.12.60-52.54.2
kernel-xen-base-debuginfo-3.12.60-52.54.2
kernel-xen-debuginfo-3.12.60-52.54.2
kernel-xen-debugsource-3.12.60-52.54.2
kernel-xen-devel-3.12.60-52.54.2
- SUSE Linux Enterprise Server 12 (noarch):
kernel-devel-3.12.60-52.54.1
kernel-macros-3.12.60-52.54.1
kernel-source-3.12.60-52.54.1
- SUSE Linux Enterprise Server 12 (s390x):
kernel-default-man-3.12.60-52.54.2
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
kernel-ec2-3.12.60-52.54.2
kernel-ec2-debuginfo-3.12.60-52.54.2
kernel-ec2-debugsource-3.12.60-52.54.2
kernel-ec2-devel-3.12.60-52.54.2
kernel-ec2-extra-3.12.60-52.54.2
kernel-ec2-extra-debuginfo-3.12.60-52.54.2
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_60-52_54-default-1-2.3
kgraft-patch-3_12_60-52_54-xen-1-2.3
- SUSE Linux Enterprise Desktop 12 (noarch):
kernel-devel-3.12.60-52.54.1
kernel-macros-3.12.60-52.54.1
kernel-source-3.12.60-52.54.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
kernel-default-3.12.60-52.54.2
kernel-default-debuginfo-3.12.60-52.54.2
kernel-default-debugsource-3.12.60-52.54.2
kernel-default-devel-3.12.60-52.54.2
kernel-default-extra-3.12.60-52.54.2
kernel-default-extra-debuginfo-3.12.60-52.54.2
kernel-syms-3.12.60-52.54.1
kernel-xen-3.12.60-52.54.2
kernel-xen-debuginfo-3.12.60-52.54.2
kernel-xen-debugsource-3.12.60-52.54.2
kernel-xen-devel-3.12.60-52.54.2
References:
https://www.suse.com/security/cve/CVE-2016-4998.html
https://bugzilla.suse.com/986362
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:1709-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 30 Jun '16
by opensuse-security@opensuse.org 30 Jun '16
30 Jun '16
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:1709-1
Rating: important
References: #971770 #972124 #981143 #983394 #986362
Cross-References: CVE-2016-4998
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP1
SUSE Linux Enterprise Software Development Kit 12-SP1
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________
An update that solves one vulnerability and has four fixes
is now available.
Description:
The SUSE Linux Enterprise 12 kernel was updated to receive critical
security and bugfixes.
Security issue fixed:
- CVE-2016-4997: A buffer overflow in 32bit compat_setsockopt iptables
handling could lead to a local privilege escalation. (bsc#986362)
The following non-security bugs were fixed:
- KVM: x86: expose invariant tsc cpuid bit (v2) (bsc#971770).
- block: do not check request size in blk_cloned_rq_check_limits()
(bsc#972124).
- rbd: handle OBJ_REQUEST_SG types for copyup (bsc#983394).
- target/rbd: do not put snap_context twice (bsc#981143).
- target/rbd: remove caw_mutex usage (bsc#981143).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP1:
zypper in -t patch SUSE-SLE-WE-12-SP1-2016-1012=1
- SUSE Linux Enterprise Software Development Kit 12-SP1:
zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1012=1
- SUSE Linux Enterprise Server 12-SP1:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1012=1
- SUSE Linux Enterprise Module for Public Cloud 12:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-1012=1
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1012=1
- SUSE Linux Enterprise Desktop 12-SP1:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1012=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64):
kernel-default-debuginfo-3.12.59-60.45.2
kernel-default-debugsource-3.12.59-60.45.2
kernel-default-extra-3.12.59-60.45.2
kernel-default-extra-debuginfo-3.12.59-60.45.2
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
kernel-obs-build-3.12.59-60.45.3
kernel-obs-build-debugsource-3.12.59-60.45.3
- SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch):
kernel-docs-3.12.59-60.45.4
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
kernel-default-3.12.59-60.45.2
kernel-default-base-3.12.59-60.45.2
kernel-default-base-debuginfo-3.12.59-60.45.2
kernel-default-debuginfo-3.12.59-60.45.2
kernel-default-debugsource-3.12.59-60.45.2
kernel-default-devel-3.12.59-60.45.2
kernel-syms-3.12.59-60.45.1
- SUSE Linux Enterprise Server 12-SP1 (x86_64):
kernel-xen-3.12.59-60.45.2
kernel-xen-base-3.12.59-60.45.2
kernel-xen-base-debuginfo-3.12.59-60.45.2
kernel-xen-debuginfo-3.12.59-60.45.2
kernel-xen-debugsource-3.12.59-60.45.2
kernel-xen-devel-3.12.59-60.45.2
- SUSE Linux Enterprise Server 12-SP1 (noarch):
kernel-devel-3.12.59-60.45.1
kernel-macros-3.12.59-60.45.1
kernel-source-3.12.59-60.45.1
- SUSE Linux Enterprise Server 12-SP1 (s390x):
kernel-default-man-3.12.59-60.45.2
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
kernel-ec2-3.12.59-60.45.2
kernel-ec2-debuginfo-3.12.59-60.45.2
kernel-ec2-debugsource-3.12.59-60.45.2
kernel-ec2-devel-3.12.59-60.45.2
kernel-ec2-extra-3.12.59-60.45.2
kernel-ec2-extra-debuginfo-3.12.59-60.45.2
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_59-60_45-default-1-2.3
kgraft-patch-3_12_59-60_45-xen-1-2.3
- SUSE Linux Enterprise Desktop 12-SP1 (noarch):
kernel-devel-3.12.59-60.45.1
kernel-macros-3.12.59-60.45.1
kernel-source-3.12.59-60.45.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
kernel-default-3.12.59-60.45.2
kernel-default-debuginfo-3.12.59-60.45.2
kernel-default-debugsource-3.12.59-60.45.2
kernel-default-devel-3.12.59-60.45.2
kernel-default-extra-3.12.59-60.45.2
kernel-default-extra-debuginfo-3.12.59-60.45.2
kernel-syms-3.12.59-60.45.1
kernel-xen-3.12.59-60.45.2
kernel-xen-debuginfo-3.12.59-60.45.2
kernel-xen-debugsource-3.12.59-60.45.2
kernel-xen-devel-3.12.59-60.45.2
References:
https://www.suse.com/security/cve/CVE-2016-4998.html
https://bugzilla.suse.com/971770
https://bugzilla.suse.com/972124
https://bugzilla.suse.com/981143
https://bugzilla.suse.com/983394
https://bugzilla.suse.com/986362
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:1707-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 30 Jun '16
by opensuse-security@opensuse.org 30 Jun '16
30 Jun '16
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:1707-1
Rating: important
References: #898592 #940413 #946122 #949752 #956852 #957988
#957990 #959381 #960458 #961512 #963998 #965319
#965860 #965923 #967863 #968010 #968018 #968141
#968566 #968670 #968687 #969356 #970504 #970892
#970909 #970911 #970948 #970956 #970958 #970970
#971124 #971125 #971360 #971433 #971729 #972363
#973237 #973378 #973556 #973570 #975772 #975945
Cross-References: CVE-2015-1339 CVE-2015-7566 CVE-2015-8551
CVE-2015-8552 CVE-2015-8816 CVE-2016-2143
CVE-2016-2184 CVE-2016-2185 CVE-2016-2186
CVE-2016-2188 CVE-2016-2782 CVE-2016-2847
CVE-2016-3137 CVE-2016-3138 CVE-2016-3139
CVE-2016-3140 CVE-2016-3156
Affected Products:
SUSE Linux Enterprise Real Time Extension 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that solves 17 vulnerabilities and has 25 fixes
is now available.
Description:
The SUSE Linux Enterprise 11 SP4 Realtime kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2015-1339: Memory leak in the cuse_channel_release function in
fs/fuse/cuse.c in the Linux kernel allowed local users to cause a denial
of service (memory consumption) or possibly have unspecified other
impact by opening /dev/cuse many times (bnc#969356).
- CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c
in the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by inserting a USB device that
lacks a bulk-out endpoint (bnc#961512).
- CVE-2015-8551: The PCI backend driver in Xen, when running on an x86
system and using Linux 3.1.x through 4.3.x as the driver domain, allowed
local guest administrators to hit BUG conditions and cause a denial of
service (NULL pointer dereference and host OS crash) by leveraging a
system with access to a passed-through MSI or MSI-X capable physical PCI
device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux
pciback missing sanity checks (bnc#957990).
- CVE-2015-8552: The PCI backend driver in Xen, when running on an x86
system and using Linux 3.1.x through 4.3.x as the driver domain, allowed
local guest administrators to generate a continuous stream
of WARN messages and cause a denial of service (disk consumption) by
leveraging a system with access to a passed-through MSI or MSI-X
capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka
"Linux pciback missing sanity checks (bnc#957990).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in
the Linux kernel did not properly maintain a hub-interface data
structure, which allowed physically proximate attackers to cause a
denial of service (invalid memory access and system crash) or possibly
have unspecified
other impact by unplugging a USB hub device (bnc#968010).
- CVE-2016-2143: The fork implementation in the Linux kernel on s390
platforms mishandles the case of four page-table levels, which allowed
local users to cause a denial of service (system crash) or possibly have
unspecified other impact via a crafted application, related to
arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h
(bnc#970504).
- CVE-2016-2184: The create_fixed_stream_quirk function in
sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference or double free, and system crash) via a
crafted endpoints value in a USB device descriptor (bnc#971125).
- CVE-2016-2185: The ati_remote2_probe function in
drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#971124).
- CVE-2016-2186: The powermate_probe function in
drivers/input/misc/powermate.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970958).
- CVE-2016-2188: The iowarrior_probe function in
drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970956).
- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by inserting a USB device that
lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).
- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount
of unread data in pipes, which allowed local users to cause a denial of
service (memory consumption) by creating many pipes with non-default
sizes (bnc#970948).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference and system crash) via a USB device without
both an interrupt-in and an interrupt-out endpoint descriptor, related
to the cypress_generic_port_probe and cypress_open functions
(bnc#970970).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) via a USB
device without both a control and a data endpoint descriptor
(bnc#970911).
- CVE-2016-3139: The wacom_probe function in
drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970909).
- CVE-2016-3140: The digi_port_init function in
drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed
physically proximate attackers to cause a denial of service (NULL
pointer dereference and system crash) via a crafted endpoints value in a
USB device descriptor (bnc#970892).
- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles
destruction of device objects, which allowed guest OS users to cause a
denial of service (host OS networking outage) by arranging for a large
number of IP addresses (bnc#971360).
The following non-security bugs were fixed:
- acpi / pci: Account for ARI in _PRT lookups (bsc#968566).
- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).
- alsa: pcm: Fix potential deadlock in OSS emulation (bsc#968018).
- alsa: rawmidi: Fix race at copying & updating the position (bsc#968018).
- alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).
- alsa: seq: Fix double port list deletion (bsc#968018).
- alsa: seq: Fix incorrect sanity check at snd_seq_oss_synth_cleanup()
(bsc#968018).
- alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).
- alsa: seq: Fix lockdep warnings due to double mutex locks (bsc#968018).
- alsa: seq: Fix race at closing in virmidi driver (bsc#968018).
- alsa: seq: Fix yet another races among ALSA timer accesses (bsc#968018).
- alsa: timer: Call notifier in the same spinlock (bsc#973378).
- alsa: timer: Code cleanup (bsc#968018).
- alsa: timer: Fix leftover link at closing (bsc#968018).
- alsa: timer: Fix link corruption due to double start or stop
(bsc#968018).
- alsa: timer: Fix race between stop and interrupt (bsc#968018).
- alsa: timer: Fix wrong instance passed to slave callbacks (bsc#968018).
- alsa: timer: Protect the whole snd_timer_close() with open race
(bsc#973378).
- alsa: timer: Sync timer deletion at closing the system timer
(bsc#973378).
- alsa: timer: Use mod_timer() for rearming the system timer (bsc#973378).
- dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).
- fs, seqfile: always allow oom killer (bnc#968687).
- fs/seq_file: fallback to vmalloc allocation (bnc#968687).
- fs, seq_file: fallback to vmalloc instead of oom kill processes
(bnc#968687).
- hpsa: fix issues with multilun devices (bsc#959381).
- ibmvscsi: Remove unsupported host config MAD (bsc#973556).
- iommu/vt-d: Improve fault handler error messages (bsc#975772).
- iommu/vt-d: Ratelimit fault handler (bsc#975772).
- ipv6: make fib6 serial number per namespace (bsc#965319).
- ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs
(bsc#956852).
- ipv6: per netns fib6 walkers (bsc#965319).
- ipv6: per netns FIB garbage collection (bsc#965319).
- ipv6: replace global gc_args with local variable (bsc#965319).
- kabi, fs/seq_file: fallback to vmalloc allocation (bnc#968687).
- kabi: Import kabi files from kernel 3.0.101-71
- kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319).
- kabi: Restore kabi after lock-owner change (bnc#968141).
- llist: Add llist_next() (fate#316876).
- make vfree() safe to call from interrupt contexts (fate#316876).
- mld, igmp: Fix reserved tailroom calculation (bsc#956852).
- net/core: dev_mc_sync_multiple calls wrong helper (bsc#971433).
- net/core: __hw_addr_create_ex does not initialize sync_cnt (bsc#971433).
- net/core: __hw_addr_sync_one / _multiple broken (bsc#971433).
- net/core: __hw_addr_unsync_one "from" address not marked synced
(bsc#971433).
- nfs4: treat lock owners as opaque values (bnc#968141).
- nfsd4: return nfserr_symlink on v4 OPEN of non-regular file (bsc#973237).
- nfsd: do not fail unchecked creates of non-special files (bsc#973237).
- nfs: use smaller allocations for 'struct idmap' (bsc#965923).
- pciback: check PF instead of VF for PCI_COMMAND_MEMORY (bsc#957990).
- pciback: Save the number of MSI-X entries to be copied later
(bsc#957988).
- pci: Move pci_ari_enabled() to global header (bsc#968566).
- pci: Update PCI VPD size patch to upstream: - PCI: Determine actual VPD
size on first access (bsc#971729). - PCI: Update VPD definitions
(bsc#971729).
- rdma/ucma: Fix AB-BA deadlock (bsc#963998).
- s390/pageattr: Do a single TLB flush for change_page_attr (bsc#940413).
- scsi_dh_alua: Do not block request queue if workqueue is active
(bsc#960458).
- scsi: mpt2sas: Rearrange the the code so that the completion queues are
initialized prior to sending the request to controller firmware
(bsc#967863).
- skb: Add inline helper for getting the skb end offset from head
(bsc#956852).
- tcp: avoid order-1 allocations on wifi and tx path (bsc#956852).
- tcp: fix skb_availroom() (bsc#956852).
- usb: usbip: fix potential out-of-bounds write (bnc#975945).
- vmxnet3: set carrier state properly on probe (bsc#972363).
- vmxnet3: set netdev parant device before calling netdev_info
(bsc#972363).
- xfrm: do not segment UFO packets (bsc#946122).
- xfs: fix sgid inheritance for subdirectories inheriting default acls
[V3] (bsc#965860).
- xhci: Workaround to get Intel xHCI reset working more reliably
(bnc#898592).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Real Time Extension 11-SP4:
zypper in -t patch slertesp4-kernel-rt-12636=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-kernel-rt-12636=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64):
kernel-rt-3.0.101.rt130-54.1
kernel-rt-base-3.0.101.rt130-54.1
kernel-rt-devel-3.0.101.rt130-54.1
kernel-rt_trace-3.0.101.rt130-54.1
kernel-rt_trace-base-3.0.101.rt130-54.1
kernel-rt_trace-devel-3.0.101.rt130-54.1
kernel-source-rt-3.0.101.rt130-54.1
kernel-syms-rt-3.0.101.rt130-54.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64):
kernel-rt-debuginfo-3.0.101.rt130-54.1
kernel-rt-debugsource-3.0.101.rt130-54.1
kernel-rt_debug-debuginfo-3.0.101.rt130-54.1
kernel-rt_debug-debugsource-3.0.101.rt130-54.1
kernel-rt_trace-debuginfo-3.0.101.rt130-54.1
kernel-rt_trace-debugsource-3.0.101.rt130-54.1
References:
https://www.suse.com/security/cve/CVE-2015-1339.html
https://www.suse.com/security/cve/CVE-2015-7566.html
https://www.suse.com/security/cve/CVE-2015-8551.html
https://www.suse.com/security/cve/CVE-2015-8552.html
https://www.suse.com/security/cve/CVE-2015-8816.html
https://www.suse.com/security/cve/CVE-2016-2143.html
https://www.suse.com/security/cve/CVE-2016-2184.html
https://www.suse.com/security/cve/CVE-2016-2185.html
https://www.suse.com/security/cve/CVE-2016-2186.html
https://www.suse.com/security/cve/CVE-2016-2188.html
https://www.suse.com/security/cve/CVE-2016-2782.html
https://www.suse.com/security/cve/CVE-2016-2847.html
https://www.suse.com/security/cve/CVE-2016-3137.html
https://www.suse.com/security/cve/CVE-2016-3138.html
https://www.suse.com/security/cve/CVE-2016-3139.html
https://www.suse.com/security/cve/CVE-2016-3140.html
https://www.suse.com/security/cve/CVE-2016-3156.html
https://bugzilla.suse.com/898592
https://bugzilla.suse.com/940413
https://bugzilla.suse.com/946122
https://bugzilla.suse.com/949752
https://bugzilla.suse.com/956852
https://bugzilla.suse.com/957988
https://bugzilla.suse.com/957990
https://bugzilla.suse.com/959381
https://bugzilla.suse.com/960458
https://bugzilla.suse.com/961512
https://bugzilla.suse.com/963998
https://bugzilla.suse.com/965319
https://bugzilla.suse.com/965860
https://bugzilla.suse.com/965923
https://bugzilla.suse.com/967863
https://bugzilla.suse.com/968010
https://bugzilla.suse.com/968018
https://bugzilla.suse.com/968141
https://bugzilla.suse.com/968566
https://bugzilla.suse.com/968670
https://bugzilla.suse.com/968687
https://bugzilla.suse.com/969356
https://bugzilla.suse.com/970504
https://bugzilla.suse.com/970892
https://bugzilla.suse.com/970909
https://bugzilla.suse.com/970911
https://bugzilla.suse.com/970948
https://bugzilla.suse.com/970956
https://bugzilla.suse.com/970958
https://bugzilla.suse.com/970970
https://bugzilla.suse.com/971124
https://bugzilla.suse.com/971125
https://bugzilla.suse.com/971360
https://bugzilla.suse.com/971433
https://bugzilla.suse.com/971729
https://bugzilla.suse.com/972363
https://bugzilla.suse.com/973237
https://bugzilla.suse.com/973378
https://bugzilla.suse.com/973556
https://bugzilla.suse.com/973570
https://bugzilla.suse.com/975772
https://bugzilla.suse.com/975945
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:1703-1: important: Security update for qemu
by opensuse-security@opensuse.org 29 Jun '16
by opensuse-security@opensuse.org 29 Jun '16
29 Jun '16
SUSE Security Update: Security update for qemu
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:1703-1
Rating: important
References: #886378 #940929 #958491 #958917 #959005 #959386
#960334 #960708 #960725 #960835 #961332 #961333
#961358 #961556 #961691 #962320 #963782 #964411
#964413 #967969 #969121 #969122 #969350 #970036
#970037 #975128 #975136 #975700 #976109 #978158
#978160 #980711 #980723 #981266
Cross-References: CVE-2015-5745 CVE-2015-7549 CVE-2015-8504
CVE-2015-8558 CVE-2015-8567 CVE-2015-8568
CVE-2015-8613 CVE-2015-8619 CVE-2015-8743
CVE-2015-8744 CVE-2015-8745 CVE-2015-8817
CVE-2015-8818 CVE-2016-1568 CVE-2016-1714
CVE-2016-1922 CVE-2016-1981 CVE-2016-2197
CVE-2016-2198 CVE-2016-2538 CVE-2016-2841
CVE-2016-2857 CVE-2016-2858 CVE-2016-3710
CVE-2016-3712 CVE-2016-4001 CVE-2016-4002
CVE-2016-4020 CVE-2016-4037 CVE-2016-4439
CVE-2016-4441 CVE-2016-4952
Affected Products:
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________
An update that solves 32 vulnerabilities and has two fixes
is now available.
Description:
qemu was updated to fix 29 security issues.
These security issues were fixed:
- CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711)
- CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723)
- CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation (bsc#981266)
- CVE-2015-8817: Avoid OOB access in PCI dma I/O (bsc#969121)
- CVE-2015-8818: Avoid OOB access in PCI dma I/O (bsc#969122)
- CVE-2016-3710: Fixed VGA emulation based OOB access with potential for
guest escape (bsc#978158)
- CVE-2016-3712: Fixed VGa emulation based DOS and OOB read access exploit
(bsc#978160)
- CVE-2016-4037: Fixed USB ehci based DOS (bsc#976109)
- CVE-2016-2538: Fixed potential OOB access in USB net device emulation
(bsc#967969)
- CVE-2016-2841: Fixed OOB access / hang in ne2000 emulation (bsc#969350)
- CVE-2016-2858: Avoid potential DOS when using QEMU pseudo random number
generator (bsc#970036)
- CVE-2016-2857: Fixed OOB access when processing IP checksums (bsc#970037)
- CVE-2016-4001: Fixed OOB access in Stellaris enet emulated nic
(bsc#975128)
- CVE-2016-4002: Fixed OOB access in MIPSnet emulated controller
(bsc#975136)
- CVE-2016-4020: Fixed possible host data leakage to guest from TPR access
(bsc#975700)
- CVE-2016-2197: Prevent AHCI NULL pointer dereference when using FIS CLB
engine (bsc#964411)
- CVE-2015-5745: Buffer overflow in virtio-serial (bsc#940929).
- CVE-2015-7549: PCI null pointer dereferences (bsc#958917).
- CVE-2015-8504: VNC floating point exception (bsc#958491).
- CVE-2015-8558: Infinite loop in ehci_advance_state resulting in DoS
(bsc#959005).
- CVE-2015-8567: A guest repeatedly activating a vmxnet3 device can leak
host memory (bsc#959386).
- CVE-2015-8568: A guest repeatedly activating a vmxnet3 device can leak
host memory (bsc#959386).
- CVE-2015-8613: Wrong sized memset in megasas command handler
(bsc#961358).
- CVE-2015-8619: Potential DoS for long HMP sendkey command argument
(bsc#960334).
- CVE-2015-8743: OOB memory access in ne2000 ioport r/w functions
(bsc#960725).
- CVE-2015-8744: Incorrect l2 header validation could have lead to a crash
via assert(2) call (bsc#960835).
- CVE-2015-8745: Reading IMR registers could have lead to a crash via
assert(2) call (bsc#960708).
- CVE-2016-1568: AHCI use-after-free in aio port commands (bsc#961332).
- CVE-2016-1714: Potential OOB memory access in processing firmware
configuration (bsc#961691).
- CVE-2016-1922: NULL pointer dereference when processing hmp i/o command
(bsc#962320).
- CVE-2016-1981: Potential DoS (infinite loop) in e1000 device emulation
by malicious privileged user within guest (bsc#963782).
- CVE-2016-2198: Malicious privileged guest user were able to cause DoS by
writing to read-only EHCI capabilities registers (bsc#964413).
This non-security issue was fixed
- bsc#886378: qemu truncates vhd images in virt-rescue
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 12-SP1:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1007=1
- SUSE Linux Enterprise Desktop 12-SP1:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1007=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
qemu-2.3.1-14.1
qemu-block-curl-2.3.1-14.1
qemu-block-curl-debuginfo-2.3.1-14.1
qemu-debugsource-2.3.1-14.1
qemu-guest-agent-2.3.1-14.1
qemu-guest-agent-debuginfo-2.3.1-14.1
qemu-lang-2.3.1-14.1
qemu-tools-2.3.1-14.1
qemu-tools-debuginfo-2.3.1-14.1
- SUSE Linux Enterprise Server 12-SP1 (s390x x86_64):
qemu-kvm-2.3.1-14.1
- SUSE Linux Enterprise Server 12-SP1 (ppc64le):
qemu-ppc-2.3.1-14.1
qemu-ppc-debuginfo-2.3.1-14.1
- SUSE Linux Enterprise Server 12-SP1 (noarch):
qemu-ipxe-1.0.0-14.1
qemu-seabios-1.8.1-14.1
qemu-sgabios-8-14.1
qemu-vgabios-1.8.1-14.1
- SUSE Linux Enterprise Server 12-SP1 (x86_64):
qemu-block-rbd-2.3.1-14.1
qemu-block-rbd-debuginfo-2.3.1-14.1
qemu-x86-2.3.1-14.1
- SUSE Linux Enterprise Server 12-SP1 (s390x):
qemu-s390-2.3.1-14.1
qemu-s390-debuginfo-2.3.1-14.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
qemu-2.3.1-14.1
qemu-block-curl-2.3.1-14.1
qemu-block-curl-debuginfo-2.3.1-14.1
qemu-debugsource-2.3.1-14.1
qemu-kvm-2.3.1-14.1
qemu-tools-2.3.1-14.1
qemu-tools-debuginfo-2.3.1-14.1
qemu-x86-2.3.1-14.1
- SUSE Linux Enterprise Desktop 12-SP1 (noarch):
qemu-ipxe-1.0.0-14.1
qemu-seabios-1.8.1-14.1
qemu-sgabios-8-14.1
qemu-vgabios-1.8.1-14.1
References:
https://www.suse.com/security/cve/CVE-2015-5745.html
https://www.suse.com/security/cve/CVE-2015-7549.html
https://www.suse.com/security/cve/CVE-2015-8504.html
https://www.suse.com/security/cve/CVE-2015-8558.html
https://www.suse.com/security/cve/CVE-2015-8567.html
https://www.suse.com/security/cve/CVE-2015-8568.html
https://www.suse.com/security/cve/CVE-2015-8613.html
https://www.suse.com/security/cve/CVE-2015-8619.html
https://www.suse.com/security/cve/CVE-2015-8743.html
https://www.suse.com/security/cve/CVE-2015-8744.html
https://www.suse.com/security/cve/CVE-2015-8745.html
https://www.suse.com/security/cve/CVE-2015-8817.html
https://www.suse.com/security/cve/CVE-2015-8818.html
https://www.suse.com/security/cve/CVE-2016-1568.html
https://www.suse.com/security/cve/CVE-2016-1714.html
https://www.suse.com/security/cve/CVE-2016-1922.html
https://www.suse.com/security/cve/CVE-2016-1981.html
https://www.suse.com/security/cve/CVE-2016-2197.html
https://www.suse.com/security/cve/CVE-2016-2198.html
https://www.suse.com/security/cve/CVE-2016-2538.html
https://www.suse.com/security/cve/CVE-2016-2841.html
https://www.suse.com/security/cve/CVE-2016-2857.html
https://www.suse.com/security/cve/CVE-2016-2858.html
https://www.suse.com/security/cve/CVE-2016-3710.html
https://www.suse.com/security/cve/CVE-2016-3712.html
https://www.suse.com/security/cve/CVE-2016-4001.html
https://www.suse.com/security/cve/CVE-2016-4002.html
https://www.suse.com/security/cve/CVE-2016-4020.html
https://www.suse.com/security/cve/CVE-2016-4037.html
https://www.suse.com/security/cve/CVE-2016-4439.html
https://www.suse.com/security/cve/CVE-2016-4441.html
https://www.suse.com/security/cve/CVE-2016-4952.html
https://bugzilla.suse.com/886378
https://bugzilla.suse.com/940929
https://bugzilla.suse.com/958491
https://bugzilla.suse.com/958917
https://bugzilla.suse.com/959005
https://bugzilla.suse.com/959386
https://bugzilla.suse.com/960334
https://bugzilla.suse.com/960708
https://bugzilla.suse.com/960725
https://bugzilla.suse.com/960835
https://bugzilla.suse.com/961332
https://bugzilla.suse.com/961333
https://bugzilla.suse.com/961358
https://bugzilla.suse.com/961556
https://bugzilla.suse.com/961691
https://bugzilla.suse.com/962320
https://bugzilla.suse.com/963782
https://bugzilla.suse.com/964411
https://bugzilla.suse.com/964413
https://bugzilla.suse.com/967969
https://bugzilla.suse.com/969121
https://bugzilla.suse.com/969122
https://bugzilla.suse.com/969350
https://bugzilla.suse.com/970036
https://bugzilla.suse.com/970037
https://bugzilla.suse.com/975128
https://bugzilla.suse.com/975136
https://bugzilla.suse.com/975700
https://bugzilla.suse.com/976109
https://bugzilla.suse.com/978158
https://bugzilla.suse.com/978160
https://bugzilla.suse.com/980711
https://bugzilla.suse.com/980723
https://bugzilla.suse.com/981266
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:1698-1: important: Security update for kvm
by opensuse-security@opensuse.org 28 Jun '16
by opensuse-security@opensuse.org 28 Jun '16
28 Jun '16
SUSE Security Update: Security update for kvm
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:1698-1
Rating: important
References: #895528 #901508 #928393 #934069 #936132 #940929
#944463 #945404 #945987 #945989 #947159 #958491
#958917 #959005 #960334 #960725 #961332 #961333
#961358 #961556 #961691 #962320 #963782 #964413
#967969 #969350 #970036 #970037 #975128 #975136
#975700 #976109 #978158 #978160 #980711 #980723
Cross-References: CVE-2014-3615 CVE-2014-3689 CVE-2014-9718
CVE-2015-3214 CVE-2015-5239 CVE-2015-5278
CVE-2015-5279 CVE-2015-5745 CVE-2015-6855
CVE-2015-7295 CVE-2015-7549 CVE-2015-8504
CVE-2015-8558 CVE-2015-8613 CVE-2015-8619
CVE-2015-8743 CVE-2016-1568 CVE-2016-1714
CVE-2016-1922 CVE-2016-1981 CVE-2016-2198
CVE-2016-2538 CVE-2016-2841 CVE-2016-2857
CVE-2016-2858 CVE-2016-3710 CVE-2016-3712
CVE-2016-4001 CVE-2016-4002 CVE-2016-4020
CVE-2016-4037 CVE-2016-4439 CVE-2016-4441
Affected Products:
SUSE Linux Enterprise Server 11-SP3-LTSS
______________________________________________________________________________
An update that solves 33 vulnerabilities and has three
fixes is now available.
Description:
kvm was updated to fix 33 security issues.
These security issues were fixed:
- CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711)
- CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723)
- CVE-2016-3710: Fixed VGA emulation based OOB access with potential for
guest escape (bsc#978158)
- CVE-2016-3712: Fixed VGa emulation based DOS and OOB read access exploit
(bsc#978160)
- CVE-2016-4037: Fixed USB ehci based DOS (bsc#976109)
- CVE-2016-2538: Fixed potential OOB access in USB net device emulation
(bsc#967969)
- CVE-2016-2841: Fixed OOB access / hang in ne2000 emulation (bsc#969350)
- CVE-2016-2858: Avoid potential DOS when using QEMU pseudo random number
generator (bsc#970036)
- CVE-2016-2857: Fixed OOB access when processing IP checksums (bsc#970037)
- CVE-2016-4001: Fixed OOB access in Stellaris enet emulated nic
(bsc#975128)
- CVE-2016-4002: Fixed OOB access in MIPSnet emulated controller
(bsc#975136)
- CVE-2016-4020: Fixed possible host data leakage to guest from TPR access
(bsc#975700)
- CVE-2015-3214: Fixed OOB read in i8254 PIC (bsc#934069)
- CVE-2014-9718: Fixed the handling of malformed or short ide PRDTs to
avoid any opportunity for guest to cause DoS by abusing that interface
(bsc#928393)
- CVE-2014-3689: Fixed insufficient parameter validation in rectangle
functions (bsc#901508)
- CVE-2014-3615: The VGA emulator in QEMU allowed local guest users to
read host memory by setting the display to a high resolution
(bsc#895528).
- CVE-2015-5239: Integer overflow in vnc_client_read() and
protocol_client_msg() (bsc#944463).
- CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989).
- CVE-2015-5279: Heap-based buffer overflow in the ne2000_receive function
in hw/net/ne2000.c in QEMU allowed guest OS users to cause a denial of
service (instance crash) or possibly execute arbitrary code via vectors
related to receiving packets (bsc#945987).
- CVE-2015-5745: Buffer overflow in virtio-serial (bsc#940929).
- CVE-2015-6855: hw/ide/core.c in QEMU did not properly restrict the
commands accepted by an ATAPI device, which allowed guest users to cause
a denial of service or possibly have unspecified other impact via
certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command
to an empty drive, which triggers a divide-by-zero error and instance
crash (bsc#945404).
- CVE-2015-7295: hw/virtio/virtio.c in the Virtual Network Device
(virtio-net) support in QEMU, when big or mergeable receive buffers are
not supported, allowed remote attackers to cause a denial of service
(guest network consumption) via a flood of jumbo frames on the (1)
tuntap or (2) macvtap interface (bsc#947159).
- CVE-2015-7549: PCI null pointer dereferences (bsc#958917).
- CVE-2015-8504: VNC floating point exception (bsc#958491).
- CVE-2015-8558: Infinite loop in ehci_advance_state resulting in DoS
(bsc#959005).
- CVE-2015-8613: Wrong sized memset in megasas command handler
(bsc#961358).
- CVE-2015-8619: Potential DoS for long HMP sendkey command argument
(bsc#960334).
- CVE-2015-8743: OOB memory access in ne2000 ioport r/w functions
(bsc#960725).
- CVE-2016-1568: AHCI use-after-free in aio port commands (bsc#961332).
- CVE-2016-1714: Potential OOB memory access in processing firmware
configuration (bsc#961691).
- CVE-2016-1922: NULL pointer dereference when processing hmp i/o command
(bsc#962320).
- CVE-2016-1981: Potential DoS (infinite loop) in e1000 device emulation
by malicious privileged user within guest (bsc#963782).
- CVE-2016-2198: Malicious privileged guest user were able to cause DoS by
writing to read-only EHCI capabilities registers (bsc#964413).
This non-security issue was fixed:
- Fix case of IDE interface needing busy status set before flush
(bsc#936132)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP3-LTSS:
zypper in -t patch slessp3-kvm-12634=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64):
kvm-1.4.2-46.1
References:
https://www.suse.com/security/cve/CVE-2014-3615.html
https://www.suse.com/security/cve/CVE-2014-3689.html
https://www.suse.com/security/cve/CVE-2014-9718.html
https://www.suse.com/security/cve/CVE-2015-3214.html
https://www.suse.com/security/cve/CVE-2015-5239.html
https://www.suse.com/security/cve/CVE-2015-5278.html
https://www.suse.com/security/cve/CVE-2015-5279.html
https://www.suse.com/security/cve/CVE-2015-5745.html
https://www.suse.com/security/cve/CVE-2015-6855.html
https://www.suse.com/security/cve/CVE-2015-7295.html
https://www.suse.com/security/cve/CVE-2015-7549.html
https://www.suse.com/security/cve/CVE-2015-8504.html
https://www.suse.com/security/cve/CVE-2015-8558.html
https://www.suse.com/security/cve/CVE-2015-8613.html
https://www.suse.com/security/cve/CVE-2015-8619.html
https://www.suse.com/security/cve/CVE-2015-8743.html
https://www.suse.com/security/cve/CVE-2016-1568.html
https://www.suse.com/security/cve/CVE-2016-1714.html
https://www.suse.com/security/cve/CVE-2016-1922.html
https://www.suse.com/security/cve/CVE-2016-1981.html
https://www.suse.com/security/cve/CVE-2016-2198.html
https://www.suse.com/security/cve/CVE-2016-2538.html
https://www.suse.com/security/cve/CVE-2016-2841.html
https://www.suse.com/security/cve/CVE-2016-2857.html
https://www.suse.com/security/cve/CVE-2016-2858.html
https://www.suse.com/security/cve/CVE-2016-3710.html
https://www.suse.com/security/cve/CVE-2016-3712.html
https://www.suse.com/security/cve/CVE-2016-4001.html
https://www.suse.com/security/cve/CVE-2016-4002.html
https://www.suse.com/security/cve/CVE-2016-4020.html
https://www.suse.com/security/cve/CVE-2016-4037.html
https://www.suse.com/security/cve/CVE-2016-4439.html
https://www.suse.com/security/cve/CVE-2016-4441.html
https://bugzilla.suse.com/895528
https://bugzilla.suse.com/901508
https://bugzilla.suse.com/928393
https://bugzilla.suse.com/934069
https://bugzilla.suse.com/936132
https://bugzilla.suse.com/940929
https://bugzilla.suse.com/944463
https://bugzilla.suse.com/945404
https://bugzilla.suse.com/945987
https://bugzilla.suse.com/945989
https://bugzilla.suse.com/947159
https://bugzilla.suse.com/958491
https://bugzilla.suse.com/958917
https://bugzilla.suse.com/959005
https://bugzilla.suse.com/960334
https://bugzilla.suse.com/960725
https://bugzilla.suse.com/961332
https://bugzilla.suse.com/961333
https://bugzilla.suse.com/961358
https://bugzilla.suse.com/961556
https://bugzilla.suse.com/961691
https://bugzilla.suse.com/962320
https://bugzilla.suse.com/963782
https://bugzilla.suse.com/964413
https://bugzilla.suse.com/967969
https://bugzilla.suse.com/969350
https://bugzilla.suse.com/970036
https://bugzilla.suse.com/970037
https://bugzilla.suse.com/975128
https://bugzilla.suse.com/975136
https://bugzilla.suse.com/975700
https://bugzilla.suse.com/976109
https://bugzilla.suse.com/978158
https://bugzilla.suse.com/978160
https://bugzilla.suse.com/980711
https://bugzilla.suse.com/980723
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:1696-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 28 Jun '16
by opensuse-security@opensuse.org 28 Jun '16
28 Jun '16
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:1696-1
Rating: important
References: #662458 #676471 #889207 #897662 #899908 #903279
#908151 #928547 #931448 #937086 #940413 #942262
#943989 #944309 #945345 #951844 #953233 #957805
#958390 #959514 #960857 #962336 #962846 #962872
#963572 #964461 #964727 #965319 #966054 #966573
#967640 #968497 #968687 #968812 #968813 #969016
#970604 #970609 #970892 #970911 #970948 #970955
#970956 #970958 #970970 #971049 #971124 #971126
#971159 #971170 #971600 #971628 #971793 #971947
#972003 #972068 #972174 #972780 #972844 #972891
#972951 #973378 #973556 #973855 #974418 #974646
#974692 #975371 #975488 #975772 #975945 #976739
#976821 #976868 #977582 #977685 #978401 #978527
#978822 #979213 #979347 #983143
Cross-References: CVE-2014-9717 CVE-2016-1583 CVE-2016-2185
CVE-2016-2186 CVE-2016-2188 CVE-2016-2847
CVE-2016-3134 CVE-2016-3136 CVE-2016-3137
CVE-2016-3138 CVE-2016-3140 CVE-2016-3689
CVE-2016-3951 CVE-2016-4482 CVE-2016-4486
CVE-2016-4569
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP1
SUSE Linux Enterprise Software Development Kit 12-SP1
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________
An update that solves 16 vulnerabilities and has 66 fixes
is now available.
Description:
The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.59 to receive
various security and bugfixes.
Main feature additions:
- Improved support for Clustered File System (CephFS, fate#318586).
- Addition of kGraft patches now produces logging messages to simplify
auditing (fate#317827).
The following security bugs were fixed:
- CVE-2016-1583: Prevent the usage of mmap when the lower file system does
not allow it. This could have lead to local privilege escalation when
ecryptfs-utils was installed and /sbin/mount.ecryptfs_private was setuid
(bsc#983143).
- CVE-2014-9717: fs/namespace.c in the Linux kernel processes MNT_DETACH
umount2 system calls without verifying that the MNT_LOCKED flag is
unset, which allowed local users to bypass intended access restrictions
and navigate to filesystem locations beneath a mount by calling umount2
within a user namespace (bnc#928547).
- CVE-2016-2185: The ati_remote2_probe function in
drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#971124).
- CVE-2016-2186: The powermate_probe function in
drivers/input/misc/powermate.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970958).
- CVE-2016-2188: The iowarrior_probe function in
drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970956).
- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of
unread data in pipes, which allowed local users to cause a denial of
service (memory consumption) by creating many pipes with non-default
sizes (bsc#970948).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not
validate certain offset fields, which allowed local users to gain
privileges or cause a denial of service (heap memory corruption) via an
IPT_SO_SET_REPLACE setsockopt call (bnc#971126 971793).
- CVE-2016-3136: The mct_u232_msr_to_state function in
drivers/usb/serial/mct_u232.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted USB device without two
interrupt-in endpoint descriptors (bnc#970955).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference and system crash) via a USB device without
both an interrupt-in and an interrupt-out endpoint descriptor, related
to the cypress_generic_port_probe and cypress_open functions
(bnc#970970).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) via a USB
device without both a control and a data endpoint descriptor (bnc#970911
970970).
- CVE-2016-3140: The digi_port_init function in
drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed
physically proximate attackers to cause a denial of service (NULL
pointer dereference and system crash) via a crafted endpoints value in a
USB device descriptor (bnc#970892).
- CVE-2016-3689: The ims_pcu_parse_cdc_data function in
drivers/input/misc/ims-pcu.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (system crash) via a
USB device without both a master and a slave interface (bnc#971628).
- CVE-2016-3951: Double free vulnerability in drivers/net/usb/cdc_ncm.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (system crash) or possibly have unspecified other
impact by inserting a USB device with an invalid USB descriptor
(bnc#974418).
- CVE-2016-4482: Fixed information leak in devio (bnc#978401).
- CVE-2016-4486: Fixed information leak in rtnetlink ( bsc#978822).
- CVE-2016-4569: Fixed information leak in events via
snd_timer_user_tinterrupt (bsc#979213).
The following non-security bugs were fixed:
- ALSA: timer: Call notifier in the same spinlock (bsc#973378).
- ALSA: timer: Protect the whole snd_timer_close() with open race
(bsc#973378).
- ALSA: timer: Sync timer deletion at closing the system timer
(bsc#973378).
- ALSA: timer: Use mod_timer() for rearming the system timer (bsc#973378).
- Btrfs: do not collect ordered extents when logging that inode exists
(bsc#977685).
- Btrfs: do not return EBUSY on concurrent subvolume mounts (bsc#951844).
- Btrfs: fix deadlock between direct IO reads and buffered writes
(bsc#973855).
- Btrfs: fix empty symlink after creating symlink and fsync parent dir
(bsc#977685).
- Btrfs: fix file loss on log replay after renaming a file and fsync
(bsc#977685).
- Btrfs: fix file/data loss caused by fsync after rename and new inode
(bsc#977685).
- Btrfs: fix for incorrect directory entries after fsync log replay
(bsc#957805, bsc#977685).
- Btrfs: fix loading of orphan roots leading to BUG_ON (bsc#972844).
- Btrfs: fix race between fsync and lockless direct IO writes (bsc#977685).
- Btrfs: fix unreplayable log after snapshot delete + parent dir fsync
(bsc#977685).
- Btrfs: handle non-fatal errors in btrfs_qgroup_inherit() (bsc#972951).
- Btrfs: qgroup: return EINVAL if level of parent is not higher than
child's (bsc#972951).
- Btrfs: teach backref walking about backrefs with underflowed offset
values (bsc#975371).
- CacheFiles: Fix incorrect test for in-memory object collision
(bsc#971049).
- CacheFiles: Handle object being killed before being set up (bsc#971049).
- Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets (bsc#976739).
- Drivers: hv: util: Pass the channel information during the init call
(bnc#978527).
- Drivers: hv: utils: Invoke the poll function after handshake
(bnc#978527).
- Drivers: hv: vmbus: Fix signaling logic in hv_need_to_signal_on_read().
- Export helper function to set irq affinity in pci-hyperv.
- FS-Cache: Add missing initialization of ret in cachefiles_write_page()
(bsc#971049).
- FS-Cache: Count culled objects and objects rejected due to lack of space
(bsc#971049).
- FS-Cache: Fix cancellation of in-progress operation (bsc#971049).
- FS-Cache: Handle a new operation submitted against a killed object
(bsc#971049).
- FS-Cache: Move fscache_report_unexpected_submission() to make it more
available (bsc#971049).
- FS-Cache: Out of line fscache_operation_init() (bsc#971049).
- FS-Cache: Permit fscache_cancel_op() to cancel in-progress operations
too (bsc#971049).
- FS-Cache: Put an aborted initialised op so that it is accounted
correctly (bsc#971049).
- FS-Cache: Reduce cookie ref count if submit fails (bsc#971049).
- FS-Cache: Synchronise object death state change vs operation submission
(bsc#971049).
- FS-Cache: The operation cancellation method needs calling in more places
(bsc#971049).
- FS-Cache: Timeout for releasepage() (bsc#971049).
- FS-Cache: When submitting an op, cancel it if the target object is dying
(bsc#971049).
- FS-Cache: fscache_object_is_dead() has wrong logic, kill it (bsc#971049).
- Fix cifs_uniqueid_to_ino_t() function for s390x (bsc#944309)
- Fix kabi issue (bsc#971049).
- Input: i8042 - lower log level for "no controller" message (bsc#945345).
- NFSv4.1: do not use machine credentials for CLOSE when using 'sec=sys'
(bsc#972003).
- NVMe: Unify controller probe and resume (bsc#979347).
- NVMe: init nvme queue before enabling irq (bsc#662458).
- PCI/AER: Fix aer_inject error codes (bsc#931448).
- PCI/AER: Log actual error causes in aer_inject (bsc#931448).
- PCI/AER: Log aer_inject error injections (bsc#931448).
- PCI/AER: Use dev_warn() in aer_inject (bsc#931448).
- RDMA/ocrdma: Avoid reporting wrong completions in case of error CQEs
(bsc#908151).
- Revert "scsi: fix soft lockup in scsi_remove_target() on module removal"
(bsc#970609).
- SUNRPC: Fix large reads on NFS/RDMA (bsc#908151).
- SUNRPC: remove KERN_INFO from dprintk() call sites (bsc#908151).
- USB: usbip: fix potential out-of-bounds write (bnc#975945).
- Use mainline variant of hyperv KVP IP failover patch (bnc#978527)
- acpi: Disable ACPI table override when UEFI Secure Boot is enabled
(bsc#970604).
- acpi: Disable APEI error injection if securelevel is set (bsc#972891).
- apparmor: Skip proc ns files (bsc#959514).
- cachefiles: perform test on s_blocksize when opening cache file
(bsc#971049).
- ceph fscache: Introduce a routine for uncaching single no data page from
fscache ().
- ceph fscache: Uncaching no data page from fscache in readpage().
- ceph: Add fs/ceph as a supported module.
- ceph: Asynchronous IO support.
- ceph: Avoid to propagate the invalid page point.
- ceph: Clean up if error occurred in finish_read().
- ceph: EIO all operations after forced umount.
- ceph: Implement writev/pwritev for sync operation.
- ceph: Remove racey watch/notify event infrastructure (bsc#964727)
- ceph: Remove racey watch/notify event infrastructure (bsc#964727)
- ceph: add acl for cephfs.
- ceph: add acl, noacl options for cephfs mount.
- ceph: add get_name() NFS export callback.
- ceph: add get_parent() NFS export callback.
- ceph: add imported caps when handling cap export message.
- ceph: add inline data to pagecache.
- ceph: add missing init_acl() for mkdir() and atomic_open().
- ceph: add open export target session helper.
- ceph: add request to i_unsafe_dirops when getting unsafe reply.
- ceph: additional debugfs output.
- ceph: always re-send cap flushes when MDS recovers.
- ceph: avoid block operation when !TASK_RUNNING (ceph_get_caps).
- ceph: avoid block operation when !TASK_RUNNING
(ceph_mdsc_close_sessions).
- ceph: avoid block operation when !TASK_RUNNING (ceph_mdsc_sync).
- ceph: avoid releasing caps that are being used.
- ceph: avoid sending unnessesary FLUSHSNAP message.
- ceph: avoid useless ceph_get_dentry_parent_inode() in ceph_rename().
- ceph: cast PAGE_SIZE to size_t in ceph_sync_write().
- ceph: ceph_frag_contains_value can be boolean.
- ceph: ceph_get_parent() can be static.
- ceph: check OSD caps before read/write.
- ceph: check buffer size in ceph_vxattrcb_layout().
- ceph: check caps in filemap_fault and page_mkwrite.
- ceph: check directory's completeness before emitting directory entry.
- ceph: check inode caps in ceph_d_revalidate.
- ceph: check unsupported fallocate mode.
- ceph: check zero length in ceph_sync_read().
- ceph: checking for IS_ERR instead of NULL.
- ceph: cleanup unsafe requests when reconnecting is denied.
- ceph: cleanup use of ceph_msg_get.
- ceph: clear directory's completeness when creating file.
- ceph: convert inline data to normal data before data write.
- ceph: do not assume r_old_dentry[_dir] always set together.
- ceph: do not chain inode updates to parent fsync.
- ceph: do not grabs open file reference for aborted request.
- ceph: do not include ceph.{file,dir}.layout vxattr in listxattr().
- ceph: do not include used caps in cap_wanted.
- ceph: do not invalidate page cache when inode is no longer used.
- ceph: do not mark dirty caps when there is no auth cap.
- ceph: do not pre-allocate space for cap release messages.
- ceph: do not set r_old_dentry_dir on link().
- ceph: do not trim auth cap when there are cap snaps.
- ceph: do not zero i_wrbuffer_ref when reconnecting is denied.
- ceph: drop cap releases in requests composed before cap reconnect.
- ceph: drop extra open file reference in ceph_atomic_open().
- ceph: drop unconnected inodes.
- ceph: exclude setfilelock requests when calculating oldest tid.
- ceph: export ceph_session_state_name function.
- ceph: fetch inline data when getting Fcr cap refs.
- ceph: fix __dcache_readdir().
- ceph: fix a comment typo.
- ceph: fix append mode write.
- ceph: fix atomic_open snapdir.
- ceph: fix bool assignments.
- ceph: fix cache revoke race.
- ceph: fix ceph_dir_llseek().
- ceph: fix ceph_fh_to_parent().
- ceph: fix ceph_removexattr().
- ceph: fix ceph_set_acl().
- ceph: fix ceph_writepages_start().
- ceph: fix dcache/nocache mount option.
- ceph: fix dentry leaks.
- ceph: fix directory fsync.
- ceph: fix divide-by-zero in __validate_layout().
- ceph: fix double page_unlock() in page_mkwrite().
- ceph: fix dout() compile warnings in ceph_filemap_fault().
- ceph: fix file lock interruption.
- ceph: fix flush tid comparision.
- ceph: fix flushing caps.
- ceph: fix llistxattr on symlink.
- ceph: fix message length computation.
- ceph: fix mksnap crash.
- ceph: fix null pointer dereference in send_mds_reconnect().
- ceph: fix pr_fmt() redefinition.
- ceph: fix queuing inode to mdsdir's snaprealm.
- ceph: fix reading inline data when i_size > PAGE_SIZE.
- ceph: fix request time stamp encoding.
- ceph: fix reset_readdir().
- ceph: fix setting empty extended attribute.
- ceph: fix sizeof(struct tYpO *) typo.
- ceph: fix snap context leak in error path.
- ceph: fix trim caps.
- ceph: fix uninline data function.
- ceph: flush cap release queue when trimming session caps.
- ceph: flush inline version.
- ceph: forbid mandatory file lock.
- ceph: fscache: Update object store limit after file writing.
- ceph: fscache: Wait for completion of object initialization.
- ceph: fscache: add an interface to synchronize object store limit.
- ceph: get inode size for each append write.
- ceph: handle -ESTALE reply.
- ceph: handle SESSION_FORCE_RO message.
- ceph: handle cap export race in try_flush_caps().
- ceph: handle cap import atomically.
- ceph: handle frag mismatch between readdir request and reply.
- ceph: handle race between cap reconnect and cap release.
- ceph: handle session flush message.
- ceph: hold on to exclusive caps on complete directories.
- ceph: implement readv/preadv for sync operation.
- ceph: improve readahead for file holes.
- ceph: improve reference tracking for snaprealm.
- ceph: include time stamp in every MDS request.
- ceph: include time stamp in replayed MDS requests.
- ceph: initial CEPH_FEATURE_FS_FILE_LAYOUT_V2 support.
- ceph: initialize inode before instantiating dentry.
- ceph: introduce a new inode flag indicating if cached dentries are
ordered.
- ceph: introduce ceph_fill_fragtree().
- ceph: introduce global empty snap context.
- ceph: invalidate dirty pages after forced umount.
- ceph: keep i_snap_realm while there are writers.
- ceph: kstrdup() memory handling.
- ceph: let MDS adjust readdir 'frag'.
- ceph: make ceph_forget_all_cached_acls() static inline.
- ceph: make fsync() wait unsafe requests that created/modified inode.
- ceph: make sure syncfs flushes all cap snaps.
- ceph: make sure write caps are registered with auth MDS.
- ceph: match wait_for_completion_timeout return type.
- ceph: message versioning fixes.
- ceph: move ceph_find_inode() outside the s_mutex.
- ceph: move spinlocking into ceph_encode_locks_to_buffer and
ceph_count_locks.
- ceph: no need to get parent inode in ceph_open.
- ceph: parse inline data in MClientReply and MClientCaps.
- ceph: pre-allocate ceph_cap struct for ceph_add_cap().
- ceph: pre-allocate data structure that tracks caps flushing.
- ceph: preallocate buffer for readdir reply.
- ceph: print inode number for LOOKUPINO request.
- ceph: properly apply umask when ACL is enabled.
- ceph: properly handle XATTR_CREATE and XATTR_REPLACE.
- ceph: properly mark empty directory as complete.
- ceph: properly release page upon error.
- ceph: properly zero data pages for file holes.
- ceph: provide seperate {inode,file}_operations for snapdir.
- ceph: queue cap release in __ceph_remove_cap().
- ceph: queue vmtruncate if necessary when handing cap grant/revoke.
- ceph: ratelimit warn messages for MDS closes session.
- ceph: re-send AIO write request when getting -EOLDSNAP error.
- ceph: re-send flushing caps (which are revoked) in reconnect stage.
- ceph: re-send requests when MDS enters reconnecting stage.
- ceph: refactor readpage_nounlock() to make the logic clearer.
- ceph: remember subtree root dirfrag's auth MDS.
- ceph: remove exported caps when handling cap import message.
- ceph: remove outdated frag information.
- ceph: remove redundant code for max file size verification.
- ceph: remove redundant declaration.
- ceph: remove redundant memset(0).
- ceph: remove redundant test of head->safe and silence static analysis
warnings.
- ceph: remove the useless judgement.
- ceph: remove unused functions in ceph_frag.h.
- ceph: remove unused stringification macros.
- ceph: remove useless ACL check.
- ceph: remove xattr when null value is given to setxattr().
- ceph: rename snapshot support.
- ceph: replace comma with a semicolon.
- ceph: request xattrs if xattr_version is zero.
- ceph: reserve caps for file layout/lock MDS requests.
- ceph: reset r_resend_mds after receiving -ESTALE.
- ceph: return error for traceless reply race.
- ceph: rework dcache readdir.
- ceph: send TID of the oldest pending caps flush to MDS.
- ceph: send client metadata to MDS.
- ceph: set caps count after composing cap reconnect message.
- ceph: set i_head_snapc when getting CEPH_CAP_FILE_WR reference.
- ceph: set mds_wanted when MDS reply changes a cap to auth cap.
- ceph: show nocephx_require_signatures and notcp_nodelay options.
- ceph: show non-default options only.
- ceph: simplify ceph_fh_to_dentry().
- ceph: simplify two mount_timeout sites.
- ceph: skip invalid dentry during dcache readdir.
- ceph: support inline data feature.
- ceph: switch some GFP_NOFS memory allocation to GFP_KERNEL.
- ceph: sync read inline data.
- ceph: take snap_rwsem when accessing snap realm's cached_context.
- ceph: track pending caps flushing accurately.
- ceph: track pending caps flushing globally.
- ceph: trim unused inodes before reconnecting to recovering MDS.
- ceph: trivial comment fix.
- ceph: update i_max_size even if inode version does not change.
- ceph: update inode fields according to issued caps.
- ceph: use %zu for len in ceph_fill_inline_data().
- ceph: use ceph_seq_cmp() to compare migrate_seq.
- ceph: use empty snap context for uninline_data and get_pool_perm.
- ceph: use fl->fl_file as owner identifier of flock and posix lock.
- ceph: use fl->fl_type to decide flock operation.
- ceph: use fpos_cmp() to compare dentry positions.
- ceph: use getattr request to fetch inline data.
- ceph: use i_size_{read,write} to get/set i_size.
- ceph: use msecs_to_jiffies for time conversion.
- ceph: use pagelist to present MDS request data.
- ceph: use truncate_pagecache() instead of truncate_inode_pages().
- ceph_sync_{,direct_}write: fix an oops on ceph_osdc_new_request()
failure.
- client: include kernel version in client metadata.
- cpuset: Fix potential deadlock w/ set_mems_allowed (bsc#960857,
bsc#974646).
- crush: add chooseleaf_stable tunable.
- crush: decode and initialize chooseleaf_stable.
- crush: ensure bucket id is valid before indexing buckets array.
- crush: ensure take bucket value is valid.
- crush: fix crash from invalid 'take' argument.
- crush: sync up with userspace.
- crypto: testmgr - allow rfc3686 aes-ctr variants in fips mode
(bsc#958390).
- crypto: testmgr - mark authenticated ctr(aes) also as FIPS able
(bsc#958390).
- dasd: fix hanging system after LCU changes (bnc#968497, LTC#136671).
- drm/core: Preserve the framebuffer after removing it (bsc#968812).
- drm/i915: do not warn if backlight unexpectedly enabled (boo#972068).
- drm/i915: set backlight duty cycle after backlight enable for gen4
(boo#972780).
- drm/radeon: fix-up some float to fixed conversion thinkos (bsc#968813).
- drm/radeon: use HDP_MEM_COHERENCY_FLUSH_CNTL for sdma as well
(bsc#968813).
- ext4: Fix softlockups in SEEK_HOLE and SEEK_DATA implementations
(bsc#942262).
- ext4: fix races between page faults and hole punching (bsc#972174).
- ext4: fix races of writeback with punch hole and zero range (bsc#972174).
- fs, seq_file: fallback to vmalloc instead of oom kill processes
(bnc#968687).
- fs, seqfile: always allow oom killer (bnc#968687).
- fs/ceph/debugfs.c: replace seq_printf by seq_puts.
- fs/ceph: replace pr_warning by pr_warn.
- fs/pipe.c: skip file_update_time on frozen fs (bsc#975488).
- ibmvscsi: Remove unsupported host config MAD (bsc#973556).
- iommu/vt-d: Improve fault handler error messages (bsc#975772).
- iommu/vt-d: Ratelimit fault handler (bsc#975772).
- ipv6: make fib6 serial number per namespace (bsc#965319).
- ipv6: per netns FIB garbage collection (bsc#965319).
- ipv6: per netns fib6 walkers (bsc#965319).
- ipv6: replace global gc_args with local variable (bsc#965319).
- kABI: kgr: fix subtle race with kgr_module_init(), going notifier and
kgr_modify_kernel().
- kABI: protect function file_open_root.
- kABI: protect include in evm.
- kABI: protect struct user_struct.
- kabi fix for patches.fixes/reduce-m_start-cost (bsc#966573).
- kabi/severities: Allow changes in zpci_* symbols (bsc#974692)
- kabi/severities: Whitelist libceph and rbd (bsc#964727).
- kabi: kgr, add reserved fields.
- kabi: protect struct fc_rport_priv (bsc#953233, bsc#962846).
- kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319).
- kgr: add TAINT_KGRAFT.
- kgr: add kgraft annotation to hwrng kthread.
- kgr: add kgraft annotations to kthreads' wait_event_freezable() API
calls.
- kgr: add objname to kgr_patch_fun struct.
- kgr: add sympos and objname to error and debug messages.
- kgr: add sympos as disambiguator field to kgr_patch_fun structure.
- kgr: add sympos to sysfs.
- kgr: call kgr_init_ftrace_ops() only for loaded objects.
- kgr: change to kallsyms_on_each_symbol iterator.
- kgr: define pr_fmt and modify all pr_* messages.
- kgr: do not print error for !abort_if_missing symbols (bnc#943989).
- kgr: do not return and print an error only if the object is not loaded.
- kgr: do not use WQ_MEM_RECLAIM workqueue (bnc#963572).
- kgr: fix an asymmetric dealing with delayed module loading.
- kgr: fix redirection on s390x arch (bsc#903279).
- kgr: fix subtle race with kgr_module_init(), going notifier and
kgr_modify_kernel().
- kgr: handle btrfs kthreads (bnc#889207).
- kgr: kmemleak, really mark the kthread safe after an interrupt.
- kgr: kmemleak, really mark the kthread safe after an interrupt.
- kgr: log when modifying kernel.
- kgr: mark kernel unsupported upon patch revert.
- kgr: mark some more missed kthreads (bnc#962336).
- kgr: remove abort_if_missing flag.
- kgr: usb/storage: do not emit thread awakened (bnc#899908).
- kgraft/gfs2: Do not block livepatching in the log daemon for too long.
- kgraft/xen: Do not block livepatching in the XEN blkif kthread.
- libceph: Avoid holding the zero page on ceph_msgr_slab_init errors.
- libceph: Fix ceph_tcp_sendpage()'s more boolean usage.
- libceph: MOSDOpReply v7 encoding.
- libceph: Remove spurious kunmap() of the zero page.
- libceph: a couple tweaks for wait loops.
- libceph: add nocephx_sign_messages option.
- libceph: advertise support for TUNABLES5.
- libceph: advertise support for keepalive2.
- libceph: allow setting osd_req_op's flags.
- libceph: check data_len in ->alloc_msg().
- libceph: clear messenger auth_retry flag if we fault.
- libceph: clear msg->con in ceph_msg_release() only.
- libceph: do not access invalid memory in keepalive2 path.
- libceph: do not spam dmesg with stray reply warnings.
- libceph: drop authorizer check from cephx msg signing routines.
- libceph: evaluate osd_req_op_data() arguments only once.
- libceph: fix authorizer invalidation, take 2.
- libceph: fix ceph_msg_revoke().
- libceph: fix wrong name "Ceph filesystem for Linux".
- libceph: introduce ceph_x_authorizer_cleanup().
- libceph: invalidate AUTH in addition to a service ticket.
- libceph: kill off ceph_x_ticket_handler::validity.
- libceph: move ceph_file_layout helpers to ceph_fs.h.
- libceph: msg signing callouts do not need con argument.
- libceph: nuke time_sub().
- libceph: properly release STAT request's raw_data_in.
- libceph: remove con argument in handle_reply().
- libceph: remove outdated comment.
- libceph: remove the unused macro AES_KEY_SIZE.
- libceph: rename con_work() to ceph_con_workfn().
- libceph: set 'exists' flag for newly up osd.
- libceph: stop duplicating client fields in messenger.
- libceph: store timeouts in jiffies, verify user input.
- libceph: treat sockaddr_storage with uninitialized family as blank.
- libceph: use keepalive2 to verify the mon session is alive.
- libceph: use list_for_each_entry_safe.
- libceph: use list_next_entry instead of list_entry_next.
- libceph: use local variable cursor instead of &msg->cursor.
- libceph: use the right footer size when skipping a message.
- libfc: replace 'rp_mutex' with 'rp_lock' (bsc#953233, bsc#962846).
- mds: check cap ID when handling cap export message.
- mmc: Allow forward compatibility for eMMC (bnc#966054).
- mmc: sdhci: Allow for irq being shared (bnc#977582).
- mpt3sas: Fix use sas_is_tlr_enabled API before enabling
MPI2_SCSIIO_CONTROL_TLR_ON flag (bsc#967640).
- nfs-rdma: Fix for FMR leaks (bsc#908151).
- nfs: fix high load average due to callback thread sleeping (bsc#971170).
- nvme: fix max_segments integer truncation (bsc#676471).
- ocfs2: do not set fs read-only if rec[0] is empty while committing
truncate (bnc#971947).
- ocfs2: extend enough credits for freeing one truncate record while
replaying truncate records (bnc#971947).
- ocfs2: extend transaction for ocfs2_remove_rightmost_path() and
ocfs2_update_edge_lengths() before to avoid inconsistency between inode
and et (bnc#971947).
- pipe: limit the per-user amount of pages allocated in pipes (bsc#970948).
- powerpc/book3s64: Fix branching to OOL handlers in relocatable kernel
(bsc@976821).
- powerpc/book3s64: Remove __end_handlers marker (bsc#976821).
- rbd: bump queue_max_segments.
- rbd: delete an unnecessary check before rbd_dev_destroy().
- rbd: do not free rbd_dev outside of the release callback.
- rbd: do not put snap_context twice in rbd_queue_workfn().
- rbd: drop null test before destroy functions.
- rbd: plug rbd_dev->header.object_prefix memory leak.
- rbd: rbd_wq comment is obsolete.
- rbd: remove duplicate calls to rbd_dev_mapping_clear().
- rbd: return -ENOMEM instead of pool id if rbd_dev_create() fails.
- rbd: set device_type::release instead of device::release.
- rbd: set max_sectors explicitly.
- rbd: store rbd_options in rbd_device.
- rbd: terminate rbd_opts_tokens with Opt_err.
- rbd: timeout watch teardown on unmap with mount_timeout.
- rbd: use GFP_NOIO consistently for request allocations (bsc#971159).
- rbd: use writefull op for object size writes.
- reduce m_start() cost.. (bsc#966573).
- s390/compat: correct restore of high gprs on signal return (bnc#968497,
LTC#137571).
- s390/pageattr: do a single TLB flush for change_page_attr (bsc#940413).
- s390/pci: add extra padding to function measurement block (bnc#974692,
LTC#139445).
- s390/pci: enforce fmb page boundary rule (bnc#974692, LTC#139445).
- s390/pci: extract software counters from fmb (bnc#974692, LTC#139445).
- s390/pci: remove pdev pointer from arch data (bnc#974692, LTC#139444).
- s390/pci_dma: fix DMA table corruption with > 4 TB main memory
(bnc#974692, LTC#139401).
- s390/pci_dma: handle dma table failures (bnc#974692, LTC#139442).
- s390/pci_dma: improve debugging of errors during dma map (bnc#974692,
LTC#139442).
- s390/pci_dma: unify label of invalid translation table entries
(bnc#974692, LTC#139442).
- s390/zcrypt: HWRNG registration cause kernel panic on CEX hotplug
(bnc#968497, LTC#138409).
- scsi-bnx2fc-handle_scsi_retry_delay
- scsi-bnx2fc-soft_lockup_when_rmmod
- scsi: Add intermediate STARGET_REMOVE state to scsi_target_state
(bsc#970609).
- scsi: Avoid crashing if device uses DIX but adapter does not support it
(bsc#969016).
- sd: get disk reference in sd_check_events() (bnc#897662).
- supported.conf: Add bridge.ko for OpenStack (bsc#971600)
- supported.conf: add pci-hyperv
- supported.conf:Add drivers/infiniband/hw/ocrdma/ocrdma.ko to
supported.conf (bsc#964461)
- svcrdma: Fence LOCAL_INV work requests (bsc#908151).
- svcrdma: advertise the correct max payload (bsc#908151).
- svcrdma: fix offset calculation for non-page aligned sge entries
(bsc#908151).
- svcrdma: fix printk when memory allocation fails (bsc#908151).
- svcrdma: refactor marshalling logic (bsc#908151).
- svcrdma: send_write() must not overflow the device's max sge
(bsc#908151).
- target: Drop incorrect ABORT_TASK put for completed commands
(bsc#962872).
- target: Fix LUN_RESET active I/O handling for ACK_KREF (bsc#962872).
- target: Fix LUN_RESET active TMR descriptor handling (bsc#962872).
- target: Fix TAS handling for multi-session se_node_acls (bsc#962872).
- target: Fix race with SCF_SEND_DELAYED_TAS handling (bsc#962872).
- target: Fix remote-port TMR ABORT + se_cmd fabric stop (bsc#962872).
- tcp: convert cached rtt from usec to jiffies when feeding initial rto
(bsc#937086).
- vgaarb: Add more context to error messages (bsc#976868).
- xen/acpi: Disable ACPI table override when UEFI Secure Boot is enabled
(bsc#970604).
- xprtrdma: Allocate missing pagelist (bsc#908151).
- xprtrdma: Avoid deadlock when credit window is reset (bsc#908151).
- xprtrdma: Disconnect on registration failure (bsc#908151).
- xprtrdma: Ensure ia->ri_id->qp is not NULL when reconnecting
(bsc#908151).
- xprtrdma: Fall back to MTHCAFMR when FRMR is not supported (bsc#908151).
- xprtrdma: Limit work done by completion handler (bsc#908151).
- xprtrdma: Make rpcrdma_ep_destroy() return void (bsc#908151).
- xprtrdma: RPC/RDMA must invoke xprt_wake_pending_tasks() in process
context (bsc#908151).
- xprtrdma: Reduce the number of hardway buffer allocations (bsc#908151).
- xprtrdma: Remove BOUNCEBUFFERS memory registration mode (bsc#908151).
- xprtrdma: Remove BUG_ON() call sites (bsc#908151).
- xprtrdma: Remove MEMWINDOWS registration modes (bsc#908151).
- xprtrdma: Remove REGISTER memory registration mode (bsc#908151).
- xprtrdma: Remove Tavor MTU setting (bsc#908151).
- xprtrdma: Reset connection timeout after successful reconnect
(bsc#908151).
- xprtrdma: Simplify rpcrdma_deregister_external() synopsis (bsc#908151).
- xprtrdma: Split the completion queue (bsc#908151).
- xprtrdma: Use macros for reconnection timeout constants (bsc#908151).
- xprtrdma: mind the device's max fast register page list depth
(bsc#908151).
- xprtrdma: mount reports "Invalid mount option" if memreg mode not
supported (bsc#908151).
- xprtrmda: Reduce calls to ib_poll_cq() in completion handlers
(bsc#908151).
- xprtrmda: Reduce lock contention in completion handlers (bsc#908151).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP1:
zypper in -t patch SUSE-SLE-WE-12-SP1-2016-1004=1
- SUSE Linux Enterprise Software Development Kit 12-SP1:
zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1004=1
- SUSE Linux Enterprise Server 12-SP1:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1004=1
- SUSE Linux Enterprise Module for Public Cloud 12:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-1004=1
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1004=1
- SUSE Linux Enterprise Desktop 12-SP1:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1004=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64):
kernel-default-debuginfo-3.12.59-60.41.2
kernel-default-debugsource-3.12.59-60.41.2
kernel-default-extra-3.12.59-60.41.2
kernel-default-extra-debuginfo-3.12.59-60.41.2
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
kernel-obs-build-3.12.59-60.41.2
kernel-obs-build-debugsource-3.12.59-60.41.2
- SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch):
kernel-docs-3.12.59-60.41.8
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
kernel-default-3.12.59-60.41.2
kernel-default-base-3.12.59-60.41.2
kernel-default-base-debuginfo-3.12.59-60.41.2
kernel-default-debuginfo-3.12.59-60.41.2
kernel-default-debugsource-3.12.59-60.41.2
kernel-default-devel-3.12.59-60.41.2
kernel-syms-3.12.59-60.41.1
- SUSE Linux Enterprise Server 12-SP1 (noarch):
kernel-devel-3.12.59-60.41.2
kernel-macros-3.12.59-60.41.2
kernel-source-3.12.59-60.41.2
- SUSE Linux Enterprise Server 12-SP1 (x86_64):
kernel-xen-3.12.59-60.41.2
kernel-xen-base-3.12.59-60.41.2
kernel-xen-base-debuginfo-3.12.59-60.41.2
kernel-xen-debuginfo-3.12.59-60.41.2
kernel-xen-debugsource-3.12.59-60.41.2
kernel-xen-devel-3.12.59-60.41.2
- SUSE Linux Enterprise Server 12-SP1 (s390x):
kernel-default-man-3.12.59-60.41.2
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
kernel-ec2-3.12.59-60.41.2
kernel-ec2-debuginfo-3.12.59-60.41.2
kernel-ec2-debugsource-3.12.59-60.41.2
kernel-ec2-devel-3.12.59-60.41.2
kernel-ec2-extra-3.12.59-60.41.2
kernel-ec2-extra-debuginfo-3.12.59-60.41.2
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_59-60_41-default-1-2.1
kgraft-patch-3_12_59-60_41-xen-1-2.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
kernel-default-3.12.59-60.41.2
kernel-default-debuginfo-3.12.59-60.41.2
kernel-default-debugsource-3.12.59-60.41.2
kernel-default-devel-3.12.59-60.41.2
kernel-default-extra-3.12.59-60.41.2
kernel-default-extra-debuginfo-3.12.59-60.41.2
kernel-syms-3.12.59-60.41.1
kernel-xen-3.12.59-60.41.2
kernel-xen-debuginfo-3.12.59-60.41.2
kernel-xen-debugsource-3.12.59-60.41.2
kernel-xen-devel-3.12.59-60.41.2
- SUSE Linux Enterprise Desktop 12-SP1 (noarch):
kernel-devel-3.12.59-60.41.2
kernel-macros-3.12.59-60.41.2
kernel-source-3.12.59-60.41.2
References:
https://www.suse.com/security/cve/CVE-2014-9717.html
https://www.suse.com/security/cve/CVE-2016-1583.html
https://www.suse.com/security/cve/CVE-2016-2185.html
https://www.suse.com/security/cve/CVE-2016-2186.html
https://www.suse.com/security/cve/CVE-2016-2188.html
https://www.suse.com/security/cve/CVE-2016-2847.html
https://www.suse.com/security/cve/CVE-2016-3134.html
https://www.suse.com/security/cve/CVE-2016-3136.html
https://www.suse.com/security/cve/CVE-2016-3137.html
https://www.suse.com/security/cve/CVE-2016-3138.html
https://www.suse.com/security/cve/CVE-2016-3140.html
https://www.suse.com/security/cve/CVE-2016-3689.html
https://www.suse.com/security/cve/CVE-2016-3951.html
https://www.suse.com/security/cve/CVE-2016-4482.html
https://www.suse.com/security/cve/CVE-2016-4486.html
https://www.suse.com/security/cve/CVE-2016-4569.html
https://bugzilla.suse.com/662458
https://bugzilla.suse.com/676471
https://bugzilla.suse.com/889207
https://bugzilla.suse.com/897662
https://bugzilla.suse.com/899908
https://bugzilla.suse.com/903279
https://bugzilla.suse.com/908151
https://bugzilla.suse.com/928547
https://bugzilla.suse.com/931448
https://bugzilla.suse.com/937086
https://bugzilla.suse.com/940413
https://bugzilla.suse.com/942262
https://bugzilla.suse.com/943989
https://bugzilla.suse.com/944309
https://bugzilla.suse.com/945345
https://bugzilla.suse.com/951844
https://bugzilla.suse.com/953233
https://bugzilla.suse.com/957805
https://bugzilla.suse.com/958390
https://bugzilla.suse.com/959514
https://bugzilla.suse.com/960857
https://bugzilla.suse.com/962336
https://bugzilla.suse.com/962846
https://bugzilla.suse.com/962872
https://bugzilla.suse.com/963572
https://bugzilla.suse.com/964461
https://bugzilla.suse.com/964727
https://bugzilla.suse.com/965319
https://bugzilla.suse.com/966054
https://bugzilla.suse.com/966573
https://bugzilla.suse.com/967640
https://bugzilla.suse.com/968497
https://bugzilla.suse.com/968687
https://bugzilla.suse.com/968812
https://bugzilla.suse.com/968813
https://bugzilla.suse.com/969016
https://bugzilla.suse.com/970604
https://bugzilla.suse.com/970609
https://bugzilla.suse.com/970892
https://bugzilla.suse.com/970911
https://bugzilla.suse.com/970948
https://bugzilla.suse.com/970955
https://bugzilla.suse.com/970956
https://bugzilla.suse.com/970958
https://bugzilla.suse.com/970970
https://bugzilla.suse.com/971049
https://bugzilla.suse.com/971124
https://bugzilla.suse.com/971126
https://bugzilla.suse.com/971159
https://bugzilla.suse.com/971170
https://bugzilla.suse.com/971600
https://bugzilla.suse.com/971628
https://bugzilla.suse.com/971793
https://bugzilla.suse.com/971947
https://bugzilla.suse.com/972003
https://bugzilla.suse.com/972068
https://bugzilla.suse.com/972174
https://bugzilla.suse.com/972780
https://bugzilla.suse.com/972844
https://bugzilla.suse.com/972891
https://bugzilla.suse.com/972951
https://bugzilla.suse.com/973378
https://bugzilla.suse.com/973556
https://bugzilla.suse.com/973855
https://bugzilla.suse.com/974418
https://bugzilla.suse.com/974646
https://bugzilla.suse.com/974692
https://bugzilla.suse.com/975371
https://bugzilla.suse.com/975488
https://bugzilla.suse.com/975772
https://bugzilla.suse.com/975945
https://bugzilla.suse.com/976739
https://bugzilla.suse.com/976821
https://bugzilla.suse.com/976868
https://bugzilla.suse.com/977582
https://bugzilla.suse.com/977685
https://bugzilla.suse.com/978401
https://bugzilla.suse.com/978527
https://bugzilla.suse.com/978822
https://bugzilla.suse.com/979213
https://bugzilla.suse.com/979347
https://bugzilla.suse.com/983143
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:1691-1: important: Security update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr, mozilla-nss
by opensuse-security@opensuse.org 27 Jun '16
by opensuse-security@opensuse.org 27 Jun '16
27 Jun '16
SUSE Security Update: Security update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr, mozilla-nss
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:1691-1
Rating: important
References: #982366 #983549 #983638 #983639 #983643 #983646
#983651 #983652 #983653 #983655 #984006 #984126
#985659
Cross-References: CVE-2016-2815 CVE-2016-2818 CVE-2016-2819
CVE-2016-2821 CVE-2016-2822 CVE-2016-2824
CVE-2016-2828 CVE-2016-2831 CVE-2016-2834
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP1
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Desktop 12-SP1
SUSE Linux Enterprise Desktop 12
______________________________________________________________________________
An update that solves 9 vulnerabilities and has four fixes
is now available.
Description:
MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss and mozilla-nspr
were updated to fix nine security issues.
MozillaFirefox was updated to version 45.2.0 ESR. mozilla-nss was updated
to version 3.21.1.
These security issues were fixed:
- CVE-2016-2834: Memory safety bugs in NSS (MFSA 2016-61) (bsc#983639).
- CVE-2016-2824: Out-of-bounds write with WebGL shader (MFSA 2016-53)
(bsc#983651).
- CVE-2016-2822: Addressbar spoofing though the SELECT element (MFSA
2016-52) (bsc#983652).
- CVE-2016-2821: Use-after-free deleting tables from a contenteditable
document (MFSA 2016-51) (bsc#983653).
- CVE-2016-2819: Buffer overflow parsing HTML5 fragments (MFSA 2016-50)
(bsc#983655).
- CVE-2016-2828: Use-after-free when textures are used in WebGL operations
after recycle pool destruction (MFSA 2016-56) (bsc#983646).
- CVE-2016-2831: Entering fullscreen and persistent pointerlock without
user permission (MFSA 2016-58) (bsc#983643).
- CVE-2016-2815, CVE-2016-2818: Miscellaneous memory safety hazards (MFSA
2016-49) (bsc#983638)
These non-security issues were fixed:
- bsc#982366: Unknown SSL protocol error in connections
- Fix crashes on aarch64
* Determine page size at runtime (bsc#984006)
* Allow aarch64 to work in safe mode (bsc#985659)
- Fix crashes on mainframes
All extensions must now be signed by addons.mozilla.org. Please read
README.SUSE for more details.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP1:
zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1003=1
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2016-1003=1
- SUSE Linux Enterprise Server 12-SP1:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1003=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2016-1003=1
- SUSE Linux Enterprise Desktop 12-SP1:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1003=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2016-1003=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
MozillaFirefox-debuginfo-45.2.0esr-75.2
MozillaFirefox-debugsource-45.2.0esr-75.2
MozillaFirefox-devel-45.2.0esr-75.2
mozilla-nspr-debuginfo-4.12-15.2
mozilla-nspr-debugsource-4.12-15.2
mozilla-nspr-devel-4.12-15.2
mozilla-nss-debuginfo-3.21.1-46.2
mozilla-nss-debugsource-3.21.1-46.2
mozilla-nss-devel-3.21.1-46.2
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
MozillaFirefox-debuginfo-45.2.0esr-75.2
MozillaFirefox-debugsource-45.2.0esr-75.2
MozillaFirefox-devel-45.2.0esr-75.2
mozilla-nspr-debuginfo-4.12-15.2
mozilla-nspr-debugsource-4.12-15.2
mozilla-nspr-devel-4.12-15.2
mozilla-nss-debuginfo-3.21.1-46.2
mozilla-nss-debugsource-3.21.1-46.2
mozilla-nss-devel-3.21.1-46.2
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
MozillaFirefox-45.2.0esr-75.2
MozillaFirefox-branding-SLE-45.0-28.2
MozillaFirefox-debuginfo-45.2.0esr-75.2
MozillaFirefox-debugsource-45.2.0esr-75.2
MozillaFirefox-translations-45.2.0esr-75.2
libfreebl3-3.21.1-46.2
libfreebl3-debuginfo-3.21.1-46.2
libfreebl3-hmac-3.21.1-46.2
libsoftokn3-3.21.1-46.2
libsoftokn3-debuginfo-3.21.1-46.2
libsoftokn3-hmac-3.21.1-46.2
mozilla-nspr-4.12-15.2
mozilla-nspr-debuginfo-4.12-15.2
mozilla-nspr-debugsource-4.12-15.2
mozilla-nss-3.21.1-46.2
mozilla-nss-certs-3.21.1-46.2
mozilla-nss-certs-debuginfo-3.21.1-46.2
mozilla-nss-debuginfo-3.21.1-46.2
mozilla-nss-debugsource-3.21.1-46.2
mozilla-nss-sysinit-3.21.1-46.2
mozilla-nss-sysinit-debuginfo-3.21.1-46.2
mozilla-nss-tools-3.21.1-46.2
mozilla-nss-tools-debuginfo-3.21.1-46.2
- SUSE Linux Enterprise Server 12-SP1 (s390x x86_64):
libfreebl3-32bit-3.21.1-46.2
libfreebl3-debuginfo-32bit-3.21.1-46.2
libfreebl3-hmac-32bit-3.21.1-46.2
libsoftokn3-32bit-3.21.1-46.2
libsoftokn3-debuginfo-32bit-3.21.1-46.2
libsoftokn3-hmac-32bit-3.21.1-46.2
mozilla-nspr-32bit-4.12-15.2
mozilla-nspr-debuginfo-32bit-4.12-15.2
mozilla-nss-32bit-3.21.1-46.2
mozilla-nss-certs-32bit-3.21.1-46.2
mozilla-nss-certs-debuginfo-32bit-3.21.1-46.2
mozilla-nss-debuginfo-32bit-3.21.1-46.2
mozilla-nss-sysinit-32bit-3.21.1-46.2
mozilla-nss-sysinit-debuginfo-32bit-3.21.1-46.2
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
MozillaFirefox-45.2.0esr-75.2
MozillaFirefox-branding-SLE-45.0-28.2
MozillaFirefox-debuginfo-45.2.0esr-75.2
MozillaFirefox-debugsource-45.2.0esr-75.2
MozillaFirefox-translations-45.2.0esr-75.2
libfreebl3-3.21.1-46.2
libfreebl3-debuginfo-3.21.1-46.2
libfreebl3-hmac-3.21.1-46.2
libsoftokn3-3.21.1-46.2
libsoftokn3-debuginfo-3.21.1-46.2
libsoftokn3-hmac-3.21.1-46.2
mozilla-nspr-4.12-15.2
mozilla-nspr-debuginfo-4.12-15.2
mozilla-nspr-debugsource-4.12-15.2
mozilla-nss-3.21.1-46.2
mozilla-nss-certs-3.21.1-46.2
mozilla-nss-certs-debuginfo-3.21.1-46.2
mozilla-nss-debuginfo-3.21.1-46.2
mozilla-nss-debugsource-3.21.1-46.2
mozilla-nss-sysinit-3.21.1-46.2
mozilla-nss-sysinit-debuginfo-3.21.1-46.2
mozilla-nss-tools-3.21.1-46.2
mozilla-nss-tools-debuginfo-3.21.1-46.2
- SUSE Linux Enterprise Server 12 (s390x x86_64):
libfreebl3-32bit-3.21.1-46.2
libfreebl3-debuginfo-32bit-3.21.1-46.2
libfreebl3-hmac-32bit-3.21.1-46.2
libsoftokn3-32bit-3.21.1-46.2
libsoftokn3-debuginfo-32bit-3.21.1-46.2
libsoftokn3-hmac-32bit-3.21.1-46.2
mozilla-nspr-32bit-4.12-15.2
mozilla-nspr-debuginfo-32bit-4.12-15.2
mozilla-nss-32bit-3.21.1-46.2
mozilla-nss-certs-32bit-3.21.1-46.2
mozilla-nss-certs-debuginfo-32bit-3.21.1-46.2
mozilla-nss-debuginfo-32bit-3.21.1-46.2
mozilla-nss-sysinit-32bit-3.21.1-46.2
mozilla-nss-sysinit-debuginfo-32bit-3.21.1-46.2
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
MozillaFirefox-45.2.0esr-75.2
MozillaFirefox-branding-SLE-45.0-28.2
MozillaFirefox-debuginfo-45.2.0esr-75.2
MozillaFirefox-debugsource-45.2.0esr-75.2
MozillaFirefox-translations-45.2.0esr-75.2
libfreebl3-3.21.1-46.2
libfreebl3-32bit-3.21.1-46.2
libfreebl3-debuginfo-3.21.1-46.2
libfreebl3-debuginfo-32bit-3.21.1-46.2
libsoftokn3-3.21.1-46.2
libsoftokn3-32bit-3.21.1-46.2
libsoftokn3-debuginfo-3.21.1-46.2
libsoftokn3-debuginfo-32bit-3.21.1-46.2
mozilla-nspr-32bit-4.12-15.2
mozilla-nspr-4.12-15.2
mozilla-nspr-debuginfo-32bit-4.12-15.2
mozilla-nspr-debuginfo-4.12-15.2
mozilla-nspr-debugsource-4.12-15.2
mozilla-nss-3.21.1-46.2
mozilla-nss-32bit-3.21.1-46.2
mozilla-nss-certs-3.21.1-46.2
mozilla-nss-certs-32bit-3.21.1-46.2
mozilla-nss-certs-debuginfo-3.21.1-46.2
mozilla-nss-certs-debuginfo-32bit-3.21.1-46.2
mozilla-nss-debuginfo-3.21.1-46.2
mozilla-nss-debuginfo-32bit-3.21.1-46.2
mozilla-nss-debugsource-3.21.1-46.2
mozilla-nss-sysinit-3.21.1-46.2
mozilla-nss-sysinit-32bit-3.21.1-46.2
mozilla-nss-sysinit-debuginfo-3.21.1-46.2
mozilla-nss-sysinit-debuginfo-32bit-3.21.1-46.2
mozilla-nss-tools-3.21.1-46.2
mozilla-nss-tools-debuginfo-3.21.1-46.2
- SUSE Linux Enterprise Desktop 12 (x86_64):
MozillaFirefox-45.2.0esr-75.2
MozillaFirefox-branding-SLE-45.0-28.2
MozillaFirefox-debuginfo-45.2.0esr-75.2
MozillaFirefox-debugsource-45.2.0esr-75.2
MozillaFirefox-translations-45.2.0esr-75.2
libfreebl3-3.21.1-46.2
libfreebl3-32bit-3.21.1-46.2
libfreebl3-debuginfo-3.21.1-46.2
libfreebl3-debuginfo-32bit-3.21.1-46.2
libsoftokn3-3.21.1-46.2
libsoftokn3-32bit-3.21.1-46.2
libsoftokn3-debuginfo-3.21.1-46.2
libsoftokn3-debuginfo-32bit-3.21.1-46.2
mozilla-nspr-32bit-4.12-15.2
mozilla-nspr-4.12-15.2
mozilla-nspr-debuginfo-32bit-4.12-15.2
mozilla-nspr-debuginfo-4.12-15.2
mozilla-nspr-debugsource-4.12-15.2
mozilla-nss-3.21.1-46.2
mozilla-nss-32bit-3.21.1-46.2
mozilla-nss-certs-3.21.1-46.2
mozilla-nss-certs-32bit-3.21.1-46.2
mozilla-nss-certs-debuginfo-3.21.1-46.2
mozilla-nss-certs-debuginfo-32bit-3.21.1-46.2
mozilla-nss-debuginfo-3.21.1-46.2
mozilla-nss-debuginfo-32bit-3.21.1-46.2
mozilla-nss-debugsource-3.21.1-46.2
mozilla-nss-sysinit-3.21.1-46.2
mozilla-nss-sysinit-32bit-3.21.1-46.2
mozilla-nss-sysinit-debuginfo-3.21.1-46.2
mozilla-nss-sysinit-debuginfo-32bit-3.21.1-46.2
mozilla-nss-tools-3.21.1-46.2
mozilla-nss-tools-debuginfo-3.21.1-46.2
References:
https://www.suse.com/security/cve/CVE-2016-2815.html
https://www.suse.com/security/cve/CVE-2016-2818.html
https://www.suse.com/security/cve/CVE-2016-2819.html
https://www.suse.com/security/cve/CVE-2016-2821.html
https://www.suse.com/security/cve/CVE-2016-2822.html
https://www.suse.com/security/cve/CVE-2016-2824.html
https://www.suse.com/security/cve/CVE-2016-2828.html
https://www.suse.com/security/cve/CVE-2016-2831.html
https://www.suse.com/security/cve/CVE-2016-2834.html
https://bugzilla.suse.com/982366
https://bugzilla.suse.com/983549
https://bugzilla.suse.com/983638
https://bugzilla.suse.com/983639
https://bugzilla.suse.com/983643
https://bugzilla.suse.com/983646
https://bugzilla.suse.com/983651
https://bugzilla.suse.com/983652
https://bugzilla.suse.com/983653
https://bugzilla.suse.com/983655
https://bugzilla.suse.com/984006
https://bugzilla.suse.com/984126
https://bugzilla.suse.com/985659
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:1690-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 27 Jun '16
by opensuse-security@opensuse.org 27 Jun '16
27 Jun '16
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:1690-1
Rating: important
References: #676471 #880007 #889207 #899908 #903279 #928547
#931448 #940413 #943989 #944309 #945345 #947337
#953233 #954847 #956491 #956852 #957805 #957986
#960857 #962336 #962846 #962872 #963193 #963572
#963762 #964461 #964727 #965319 #966054 #966245
#966573 #966831 #967251 #967292 #967299 #967903
#968010 #968141 #968448 #968512 #968667 #968670
#968687 #968812 #968813 #969439 #969571 #969655
#969690 #969735 #969992 #969993 #970062 #970114
#970504 #970506 #970604 #970892 #970909 #970911
#970948 #970955 #970956 #970958 #970970 #971049
#971124 #971125 #971126 #971159 #971170 #971360
#971600 #971628 #971947 #972003 #972174 #972844
#972891 #972933 #972951 #973378 #973556 #973570
#973855 #974165 #974308 #974406 #974418 #974646
#975371 #975488 #975533 #975945 #976739 #976868
#977582 #977685 #978401 #978822 #979169 #979213
#979419 #979485 #979548 #979867 #979879 #980348
#980371 #981143 #981344 #982354 #982698 #983213
#983318 #983394 #983904 #984456
Cross-References: CVE-2014-9717 CVE-2015-8816 CVE-2015-8845
CVE-2016-0758 CVE-2016-2053 CVE-2016-2143
CVE-2016-2184 CVE-2016-2185 CVE-2016-2186
CVE-2016-2188 CVE-2016-2782 CVE-2016-2847
CVE-2016-3134 CVE-2016-3136 CVE-2016-3137
CVE-2016-3138 CVE-2016-3139 CVE-2016-3140
CVE-2016-3156 CVE-2016-3672 CVE-2016-3689
CVE-2016-3951 CVE-2016-4482 CVE-2016-4486
CVE-2016-4565 CVE-2016-4569 CVE-2016-4578
CVE-2016-4805 CVE-2016-5244
Affected Products:
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Desktop 12
______________________________________________________________________________
An update that solves 29 vulnerabilities and has 89 fixes
is now available.
Description:
The SUSE Linux Enterprise 12 kernel was updated to 3.12.60 to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2014-9717: fs/namespace.c in the Linux kernel processes MNT_DETACH
umount2 system called without verifying that the MNT_LOCKED flag is
unset, which allowed local users to bypass intended access restrictions
and navigate to filesystem locations beneath a mount by calling umount2
within a user namespace (bnc#928547).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in
the Linux kernel did not properly maintain a hub-interface data
structure, which allowed physically proximate attackers to cause a
denial of service (invalid memory access and system crash) or possibly
have unspecified other impact by unplugging a USB hub device
(bnc#968010).
- CVE-2015-8845: The tm_reclaim_thread function in
arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms
did not ensure that TM suspend mode exists before proceeding with a
tm_reclaim call, which allowed local users to cause a denial of service
(TM Bad Thing exception and panic) via a crafted application
(bnc#975533).
- CVE-2016-0758: Fix ASN.1 indefinite length object parsing (bsc#979867).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in
the Linux kernel allowed attackers to cause a denial of service (panic)
via an ASN.1 BER file that lacks a public key, leading to mishandling by
the public_key_verify_signature function in
crypto/asymmetric_keys/public_key.c (bnc#963762).
- CVE-2016-2143: The fork implementation in the Linux kernel on s390
platforms mishandled the case of four page-table levels, which allowed
local users to cause a denial of service (system crash) or possibly have
unspecified other impact via a crafted application, related to
arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h.
(bnc#970504)
- CVE-2016-2184: The create_fixed_stream_quirk function in
sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference or double free, and system crash) via a
crafted endpoints value in a USB device descriptor (bnc#971125).
- CVE-2016-2185: The ati_remote2_probe function in
drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#971124).
- CVE-2016-2186: The powermate_probe function in
drivers/input/misc/powermate.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970958).
- CVE-2016-2188: The iowarrior_probe function in
drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970956).
- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by inserting a USB device that
lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).
- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of
unread data in pipes, which allowed local users to cause a denial of
service (memory consumption) by creating many pipes with non-default
sizes (bnc#970948).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not
validate certain offset fields, which allowed local users to gain
privileges or cause a denial of service (heap memory corruption) via an
IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
- CVE-2016-3136: The mct_u232_msr_to_state function in
drivers/usb/serial/mct_u232.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted USB device without two
interrupt-in endpoint descriptors (bnc#970955).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference and system crash) via a USB device without
both an interrupt-in and an interrupt-out endpoint descriptor, related
to the cypress_generic_port_probe and cypress_open functions
(bnc#970970).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) via a USB
device without both a control and a data endpoint descriptor
(bnc#970911).
- CVE-2016-3139: The wacom_probe function in
drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970909).
- CVE-2016-3140: The digi_port_init function in
drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed
physically proximate attackers to cause a denial of service (NULL
pointer dereference and system crash) via a crafted endpoints value in a
USB device descriptor (bnc#970892).
- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandled
destruction of device objects, which allowed guest OS users to cause a
denial of service (host OS networking outage) by arranging for a large
number of IP addresses (bnc#971360).
- CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c
in the Linux kernel did not properly randomize the legacy base address,
which made it easier for local users to defeat the intended restrictions
on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism
for a setuid or setgid program, by disabling stack-consumption resource
limits (bnc#974308).
- CVE-2016-3689: The ims_pcu_parse_cdc_data function in
drivers/input/misc/ims-pcu.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (system crash) via a
USB device without both a master and a slave interface (bnc#971628).
- CVE-2016-3951: Double free vulnerability in drivers/net/usb/cdc_ncm.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (system crash) or possibly have unspecified other
impact by inserting a USB device with an invalid USB descriptor
(bnc#974418).
- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401).
- CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory by reading a Netlink message (bnc#978822).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel
incorrectly relied on the write system call, which allowed local users
to cause a denial of service (kernel memory write operation) or possibly
have unspecified other impact via a uAPI interface (bnc#979548).
- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via crafted use of the ALSA timer interface (bnc#979213).
- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize
certain r1 data structures, which allowed local users to obtain
sensitive information from kernel stack memory via crafted use of the
ALSA timer interface, related to the (1) snd_timer_user_ccallback and
(2) snd_timer_user_tinterrupt functions (bnc#979879).
- CVE-2016-4805: Use-after-free vulnerability in
drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to
cause a denial of service (memory corruption and system crash, or
spinlock) or possibly have unspecified other impact by removing a
network namespace, related to the ppp_register_net_channel and
ppp_unregister_channel functions (bnc#980371).
- CVE-2016-5244: Fixed an infoleak in rds_inc_info_copy (bsc#983213).
The following non-security bugs were fixed:
- ALSA: hrtimer: Handle start/stop more properly (bsc#973378).
- ALSA: timer: Call notifier in the same spinlock (bsc#973378).
- ALSA: timer: Protect the whole snd_timer_close() with open race
(bsc#973378).
- ALSA: timer: Sync timer deletion at closing the system timer
(bsc#973378).
- ALSA: timer: Use mod_timer() for rearming the system timer (bsc#973378).
- Btrfs-8394-qgroup-Account-data-space-in-more-proper-timin.patch:
(bsc#963193).
- Btrfs: do not collect ordered extents when logging that inode exists
(bsc#977685).
- Btrfs: do not use src fd for printk (bsc#980348).
- Btrfs: fix deadlock between direct IO reads and buffered writes
(bsc#973855).
- Btrfs: fix empty symlink after creating symlink and fsync parent dir
(bsc#977685).
- Btrfs: fix file loss on log replay after renaming a file and fsync
(bsc#977685).
- Btrfs: fix file/data loss caused by fsync after rename and new inode
(bsc#977685).
- Btrfs: fix for incorrect directory entries after fsync log replay
(bsc#957805, bsc#977685).
- Btrfs: fix loading of orphan roots leading to BUG_ON (bsc#972844).
- Btrfs: fix race between fsync and lockless direct IO writes (bsc#977685).
- Btrfs: fix unreplayable log after snapshot delete + parent dir fsync
(bsc#977685).
- Btrfs: handle non-fatal errors in btrfs_qgroup_inherit() (bsc#972951).
- Btrfs: qgroup: Fix dead judgement on qgroup_rescan_leaf() return value
(bsc#969439).
- Btrfs: qgroup: Fix qgroup accounting when creating snapshot (bsc#972933).
- Btrfs: qgroup: return EINVAL if level of parent is not higher than
child's (bsc#972951).
- Btrfs: teach backref walking about backrefs with underflowed offset
values (bsc#975371).
- CacheFiles: Fix incorrect test for in-memory object collision
(bsc#971049).
- CacheFiles: Handle object being killed before being set up (bsc#971049).
- Ceph: Remove racey watch/notify event infrastructure (bsc#964727)
- Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets (bsc#976739).
- FS-Cache: Add missing initialization of ret in cachefiles_write_page()
(bsc#971049).
- FS-Cache: Count culled objects and objects rejected due to lack of space
(bsc#971049).
- FS-Cache: Fix cancellation of in-progress operation (bsc#971049).
- FS-Cache: Handle a new operation submitted against a killed object
(bsc#971049).
- FS-Cache: Move fscache_report_unexpected_submission() to make it more
available (bsc#971049).
- FS-Cache: Out of line fscache_operation_init() (bsc#971049).
- FS-Cache: Permit fscache_cancel_op() to cancel in-progress operations
too (bsc#971049).
- FS-Cache: Put an aborted initialised op so that it is accounted
correctly (bsc#971049).
- FS-Cache: Reduce cookie ref count if submit fails (bsc#971049).
- FS-Cache: Synchronise object death state change vs operation submission
(bsc#971049).
- FS-Cache: The operation cancellation method needs calling in more places
(bsc#971049).
- FS-Cache: Timeout for releasepage() (bsc#971049).
- FS-Cache: When submitting an op, cancel it if the target object is dying
(bsc#971049).
- FS-Cache: fscache_object_is_dead() has wrong logic, kill it (bsc#971049).
- Fix cifs_uniqueid_to_ino_t() function for s390x (bsc#944309)
- Fix kabi issue (bsc#971049).
- Fix kmalloc overflow in LPFC driver at large core count (bsc#969690).
- Fix problem with setting ACL on directories (bsc#967251).
- Input: i8042 - lower log level for "no controller" message (bsc#945345).
- KVM: SVM: add rdmsr support for AMD event registers (bsc#968448).
- MM: increase safety margin provided by PF_LESS_THROTTLE (bsc#956491).
- NFSv4.1: do not use machine credentials for CLOSE when using "sec=sys"
(bsc#972003).
- PCI/AER: Fix aer_inject error codes (bsc#931448).
- PCI/AER: Log actual error causes in aer_inject (bsc#931448).
- PCI/AER: Log aer_inject error injections (bsc#931448).
- PCI/AER: Use dev_warn() in aer_inject (bsc#931448).
- Revert "libata: Align ata_device's id on a cacheline".
- Revert "net/ipv6: add sysctl option accept_ra_min_hop_limit".
- USB: quirk to stop runtime PM for Intel 7260 (bnc#984456).
- USB: usbip: fix potential out-of-bounds write (bnc#975945).
- USB: xhci: Add broken streams quirk for Frescologic device id 1009
(bnc#982698).
- Update
patches.drivers/0001-nvme-fix-max_segments-integer-truncation.patch
(bsc#979419). Fix reference.
- Update
patches.drivers/drm-ast-Initialize-data-needed-to-map-fbdev-memory.patch
(bnc#880007). Fix refs and upstream status.
- Update patches.kernel.org/patch-3.12.55-56 references (add bsc#973570).
- Update patches.suse/kgr-0102-add-TAINT_KGRAFT.patch (bsc#974406).
- acpi: Disable ACPI table override when UEFI Secure Boot is enabled
(bsc#970604).
- acpi: Disable APEI error injection if securelevel is set (bsc#972891).
- cachefiles: perform test on s_blocksize when opening cache file
(bsc#971049).
- cpuset: Fix potential deadlock w/ set_mems_allowed (bsc#960857,
bsc#974646).
- dmapi: fix dm_open_by_handle_rvp taking an extra ref to mnt (bsc#967292).
- drm/core: Preserve the framebuffer after removing it (bsc#968812).
- drm/mgag200: Add support for a new G200eW3 chipset (bsc#983904).
- drm/mgag200: Add support for a new rev of G200e (bsc#983904).
- drm/mgag200: Black screen fix for G200e rev 4 (bsc#983904).
- drm/mgag200: remove unused variables (bsc#983904).
- drm/radeon: fix-up some float to fixed conversion thinkos (bsc#968813).
- drm/radeon: use HDP_MEM_COHERENCY_FLUSH_CNTL for sdma as well
(bsc#968813).
- drm: qxl: Workaround for buggy user-space (bsc#981344).
- efifb: Fix 16 color palette entry calculation (bsc#983318).
- ehci-pci: enable interrupt on BayTrail (bnc#947337).
- enic: set netdev->vlan_features (bsc#966245).
- ext4: fix races between page faults and hole punching (bsc#972174).
- ext4: fix races of writeback with punch hole and zero range (bsc#972174).
- fix: print ext4 mountopt data_err=abort correctly (bsc#969735).
- fs, seq_file: fallback to vmalloc instead of oom kill processes
(bnc#968687).
- fs, seqfile: always allow oom killer (bnc#968687).
- fs/pipe.c: skip file_update_time on frozen fs (bsc#975488).
- hid-elo: kill not flush the work (bnc#982354).
- ibmvscsi: Remove unsupported host config MAD (bsc#973556).
- ipv6: make fib6 serial number per namespace (bsc#965319).
- ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs
(bsc#956852).
- ipv6: per netns FIB garbage collection (bsc#965319).
- ipv6: per netns fib6 walkers (bsc#965319).
- ipv6: replace global gc_args with local variable (bsc#965319).
- ipvs: count pre-established TCP states as active (bsc#970114).
- kABI: kgr: fix subtle race with kgr_module_init(), going notifier and
kgr_modify_kernel().
- kABI: protect enum enclosure_component_type.
- kABI: protect function file_open_root.
- kABI: protect include in evm.
- kABI: protect struct dm_exception_store_type.
- kABI: protect struct fib_nh_exception.
- kABI: protect struct module.
- kABI: protect struct rq.
- kABI: protect struct sched_class.
- kABI: protect struct scm_creds.
- kABI: protect struct user_struct.
- kABI: protect struct user_struct.
- kabi fix for patches.fixes/reduce-m_start-cost (bsc#966573).
- kabi/severities: Whitelist libceph and rbd (bsc#964727).
- kabi: kgr, add reserved fields
- kabi: protect struct fc_rport_priv (bsc#953233, bsc#962846).
- kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319).
- kgr: add TAINT_KGRAFT
- kgr: add kgraft annotation to hwrng kthread.
- kgr: add kgraft annotations to kthreads' wait_event_freezable() API
calls.
- kgr: add objname to kgr_patch_fun struct.
- kgr: add sympos and objname to error and debug messages.
- kgr: add sympos as disambiguator field to kgr_patch_fun structure.
- kgr: add sympos to sysfs.
- kgr: call kgr_init_ftrace_ops() only for loaded objects.
- kgr: change to kallsyms_on_each_symbol iterator.
- kgr: define pr_fmt and modify all pr_* messages.
- kgr: do not print error for !abort_if_missing symbols (bnc#943989).
- kgr: do not return and print an error only if the object is not loaded.
- kgr: do not use WQ_MEM_RECLAIM workqueue (bnc#963572).
- kgr: fix an asymmetric dealing with delayed module loading.
- kgr: fix redirection on s390x arch (bsc#903279).
- kgr: fix subtle race with kgr_module_init(), going notifier and
kgr_modify_kernel().
- kgr: handle btrfs kthreads (bnc#889207).
- kgr: kmemleak, really mark the kthread safe after an interrupt.
- kgr: log when modifying kernel.
- kgr: mark some more missed kthreads (bnc#962336).
- kgr: remove abort_if_missing flag.
- kgr: usb/storage: do not emit thread awakened (bnc#899908).
- kgraft/gfs2: Do not block livepatching in the log daemon for too long.
- kgraft/xen: Do not block livepatching in the XEN blkif kthread.
- libfc: replace 'rp_mutex' with 'rp_lock' (bsc#953233, bsc#962846).
- memcg: do not hang on OOM when killed by userspace OOM access to memory
reserves (bnc#969571).
- mld, igmp: Fix reserved tailroom calculation (bsc#956852).
- mmc: Allow forward compatibility for eMMC (bnc#966054).
- mmc: sdhci: Allow for irq being shared (bnc#977582).
- net/qlge: Avoids recursive EEH error (bsc#954847).
- net: Account for all vlan headers in skb_mac_gso_segment (bsc#968667).
- net: Start with correct mac_len in skb_network_protocol (bsc#968667).
- net: disable fragment reassembly if high_thresh is set to zero
(bsc#970506).
- net: fix wrong mac_len calculation for vlans (bsc#968667).
- net: irda: Fix use-after-free in irtty_open() (bnc#967903).
- nfs4: treat lock owners as opaque values (bnc#968141).
- nfs: fix high load average due to callback thread sleeping (bsc#971170).
- nfsd: fix nfsd_setattr return code for HSM (bsc#969992).
- nvme: fix max_segments integer truncation (bsc#676471).
- ocfs2: do not set fs read-only if rec[0] is empty while committing
truncate (bnc#971947).
- ocfs2: extend enough credits for freeing one truncate record while
replaying truncate records (bnc#971947).
- ocfs2: extend transaction for ocfs2_remove_rightmost_path() and
ocfs2_update_edge_lengths() before to avoid inconsistency between inode
and et (bnc#971947).
- perf, nmi: Fix unknown NMI warning (bsc#968512).
- pipe: limit the per-user amount of pages allocated in pipes (bsc#970948).
- rbd: do not log miscompare as an error (bsc#970062).
- rbd: handle OBJ_REQUEST_SG types for copyup (bsc#983394).
- rbd: report unsupported features to syslog (bsc#979169).
- rbd: use GFP_NOIO consistently for request allocations (bsc#971159).
- reduce m_start() cost.. (bsc#966573).
- rpm/modprobe-xen.conf: Revert comment change to allow parallel install
(bsc#957986). This reverts commit
6c6d86d3cdc26f7746fe4ba2bef8859b5aeb346c.
- s390/pageattr: do a single TLB flush for change_page_attr (bsc#940413).
- sched/x86: Fix up typo in topology detection (bsc#974165).
- scsi: proper state checking and module refcount handling in
scsi_device_get (boo#966831).
- series.conf: move netfilter section at the end of core networking
- supported.conf: Add bridge.ko for OpenStack (bsc#971600)
- supported.conf: Add isofs to -base (bsc#969655).
- supported.conf:Add drivers/infiniband/hw/ocrdma/ocrdma.ko to
supported.conf (bsc#964461)
- target/rbd: do not put snap_context twice (bsc#981143).
- target/rbd: remove caw_mutex usage (bsc#981143).
- target: Drop incorrect ABORT_TASK put for completed commands
(bsc#962872).
- target: Fix LUN_RESET active I/O handling for ACK_KREF (bsc#962872).
- target: Fix LUN_RESET active TMR descriptor handling (bsc#962872).
- target: Fix TAS handling for multi-session se_node_acls (bsc#962872).
- target: Fix race with SCF_SEND_DELAYED_TAS handling (bsc#962872).
- target: Fix remote-port TMR ABORT + se_cmd fabric stop (bsc#962872).
- vgaarb: Add more context to error messages (bsc#976868).
- x86, sched: Add new topology for multi-NUMA-node CPUs (bsc#974165).
- x86/efi: parse_efi_setup() build fix (bsc#979485).
- x86: standardize mmap_rnd() usage (bnc#974308).
- xen/acpi: Disable ACPI table override when UEFI Secure Boot is enabled
(bsc#970604).
- xfs/dmapi: drop lock over synchronous XFS_SEND_DATA events (bsc#969993).
- xfs/dmapi: propertly send postcreate event (bsc#967299).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12:
zypper in -t patch SUSE-SLE-WE-12-2016-1001=1
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2016-1001=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2016-1001=1
- SUSE Linux Enterprise Module for Public Cloud 12:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-1001=1
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1001=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2016-1001=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12 (x86_64):
kernel-default-debuginfo-3.12.60-52.49.1
kernel-default-debugsource-3.12.60-52.49.1
kernel-default-extra-3.12.60-52.49.1
kernel-default-extra-debuginfo-3.12.60-52.49.1
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
kernel-obs-build-3.12.60-52.49.1
kernel-obs-build-debugsource-3.12.60-52.49.1
- SUSE Linux Enterprise Software Development Kit 12 (noarch):
kernel-docs-3.12.60-52.49.3
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
kernel-default-3.12.60-52.49.1
kernel-default-base-3.12.60-52.49.1
kernel-default-base-debuginfo-3.12.60-52.49.1
kernel-default-debuginfo-3.12.60-52.49.1
kernel-default-debugsource-3.12.60-52.49.1
kernel-default-devel-3.12.60-52.49.1
kernel-syms-3.12.60-52.49.1
- SUSE Linux Enterprise Server 12 (noarch):
kernel-devel-3.12.60-52.49.1
kernel-macros-3.12.60-52.49.1
kernel-source-3.12.60-52.49.1
- SUSE Linux Enterprise Server 12 (x86_64):
kernel-xen-3.12.60-52.49.1
kernel-xen-base-3.12.60-52.49.1
kernel-xen-base-debuginfo-3.12.60-52.49.1
kernel-xen-debuginfo-3.12.60-52.49.1
kernel-xen-debugsource-3.12.60-52.49.1
kernel-xen-devel-3.12.60-52.49.1
- SUSE Linux Enterprise Server 12 (s390x):
kernel-default-man-3.12.60-52.49.1
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
kernel-ec2-3.12.60-52.49.1
kernel-ec2-debuginfo-3.12.60-52.49.1
kernel-ec2-debugsource-3.12.60-52.49.1
kernel-ec2-devel-3.12.60-52.49.1
kernel-ec2-extra-3.12.60-52.49.1
kernel-ec2-extra-debuginfo-3.12.60-52.49.1
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_60-52_49-default-1-2.1
kgraft-patch-3_12_60-52_49-xen-1-2.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
kernel-default-3.12.60-52.49.1
kernel-default-debuginfo-3.12.60-52.49.1
kernel-default-debugsource-3.12.60-52.49.1
kernel-default-devel-3.12.60-52.49.1
kernel-default-extra-3.12.60-52.49.1
kernel-default-extra-debuginfo-3.12.60-52.49.1
kernel-syms-3.12.60-52.49.1
kernel-xen-3.12.60-52.49.1
kernel-xen-debuginfo-3.12.60-52.49.1
kernel-xen-debugsource-3.12.60-52.49.1
kernel-xen-devel-3.12.60-52.49.1
- SUSE Linux Enterprise Desktop 12 (noarch):
kernel-devel-3.12.60-52.49.1
kernel-macros-3.12.60-52.49.1
kernel-source-3.12.60-52.49.1
References:
https://www.suse.com/security/cve/CVE-2014-9717.html
https://www.suse.com/security/cve/CVE-2015-8816.html
https://www.suse.com/security/cve/CVE-2015-8845.html
https://www.suse.com/security/cve/CVE-2016-0758.html
https://www.suse.com/security/cve/CVE-2016-2053.html
https://www.suse.com/security/cve/CVE-2016-2143.html
https://www.suse.com/security/cve/CVE-2016-2184.html
https://www.suse.com/security/cve/CVE-2016-2185.html
https://www.suse.com/security/cve/CVE-2016-2186.html
https://www.suse.com/security/cve/CVE-2016-2188.html
https://www.suse.com/security/cve/CVE-2016-2782.html
https://www.suse.com/security/cve/CVE-2016-2847.html
https://www.suse.com/security/cve/CVE-2016-3134.html
https://www.suse.com/security/cve/CVE-2016-3136.html
https://www.suse.com/security/cve/CVE-2016-3137.html
https://www.suse.com/security/cve/CVE-2016-3138.html
https://www.suse.com/security/cve/CVE-2016-3139.html
https://www.suse.com/security/cve/CVE-2016-3140.html
https://www.suse.com/security/cve/CVE-2016-3156.html
https://www.suse.com/security/cve/CVE-2016-3672.html
https://www.suse.com/security/cve/CVE-2016-3689.html
https://www.suse.com/security/cve/CVE-2016-3951.html
https://www.suse.com/security/cve/CVE-2016-4482.html
https://www.suse.com/security/cve/CVE-2016-4486.html
https://www.suse.com/security/cve/CVE-2016-4565.html
https://www.suse.com/security/cve/CVE-2016-4569.html
https://www.suse.com/security/cve/CVE-2016-4578.html
https://www.suse.com/security/cve/CVE-2016-4805.html
https://www.suse.com/security/cve/CVE-2016-5244.html
https://bugzilla.suse.com/676471
https://bugzilla.suse.com/880007
https://bugzilla.suse.com/889207
https://bugzilla.suse.com/899908
https://bugzilla.suse.com/903279
https://bugzilla.suse.com/928547
https://bugzilla.suse.com/931448
https://bugzilla.suse.com/940413
https://bugzilla.suse.com/943989
https://bugzilla.suse.com/944309
https://bugzilla.suse.com/945345
https://bugzilla.suse.com/947337
https://bugzilla.suse.com/953233
https://bugzilla.suse.com/954847
https://bugzilla.suse.com/956491
https://bugzilla.suse.com/956852
https://bugzilla.suse.com/957805
https://bugzilla.suse.com/957986
https://bugzilla.suse.com/960857
https://bugzilla.suse.com/962336
https://bugzilla.suse.com/962846
https://bugzilla.suse.com/962872
https://bugzilla.suse.com/963193
https://bugzilla.suse.com/963572
https://bugzilla.suse.com/963762
https://bugzilla.suse.com/964461
https://bugzilla.suse.com/964727
https://bugzilla.suse.com/965319
https://bugzilla.suse.com/966054
https://bugzilla.suse.com/966245
https://bugzilla.suse.com/966573
https://bugzilla.suse.com/966831
https://bugzilla.suse.com/967251
https://bugzilla.suse.com/967292
https://bugzilla.suse.com/967299
https://bugzilla.suse.com/967903
https://bugzilla.suse.com/968010
https://bugzilla.suse.com/968141
https://bugzilla.suse.com/968448
https://bugzilla.suse.com/968512
https://bugzilla.suse.com/968667
https://bugzilla.suse.com/968670
https://bugzilla.suse.com/968687
https://bugzilla.suse.com/968812
https://bugzilla.suse.com/968813
https://bugzilla.suse.com/969439
https://bugzilla.suse.com/969571
https://bugzilla.suse.com/969655
https://bugzilla.suse.com/969690
https://bugzilla.suse.com/969735
https://bugzilla.suse.com/969992
https://bugzilla.suse.com/969993
https://bugzilla.suse.com/970062
https://bugzilla.suse.com/970114
https://bugzilla.suse.com/970504
https://bugzilla.suse.com/970506
https://bugzilla.suse.com/970604
https://bugzilla.suse.com/970892
https://bugzilla.suse.com/970909
https://bugzilla.suse.com/970911
https://bugzilla.suse.com/970948
https://bugzilla.suse.com/970955
https://bugzilla.suse.com/970956
https://bugzilla.suse.com/970958
https://bugzilla.suse.com/970970
https://bugzilla.suse.com/971049
https://bugzilla.suse.com/971124
https://bugzilla.suse.com/971125
https://bugzilla.suse.com/971126
https://bugzilla.suse.com/971159
https://bugzilla.suse.com/971170
https://bugzilla.suse.com/971360
https://bugzilla.suse.com/971600
https://bugzilla.suse.com/971628
https://bugzilla.suse.com/971947
https://bugzilla.suse.com/972003
https://bugzilla.suse.com/972174
https://bugzilla.suse.com/972844
https://bugzilla.suse.com/972891
https://bugzilla.suse.com/972933
https://bugzilla.suse.com/972951
https://bugzilla.suse.com/973378
https://bugzilla.suse.com/973556
https://bugzilla.suse.com/973570
https://bugzilla.suse.com/973855
https://bugzilla.suse.com/974165
https://bugzilla.suse.com/974308
https://bugzilla.suse.com/974406
https://bugzilla.suse.com/974418
https://bugzilla.suse.com/974646
https://bugzilla.suse.com/975371
https://bugzilla.suse.com/975488
https://bugzilla.suse.com/975533
https://bugzilla.suse.com/975945
https://bugzilla.suse.com/976739
https://bugzilla.suse.com/976868
https://bugzilla.suse.com/977582
https://bugzilla.suse.com/977685
https://bugzilla.suse.com/978401
https://bugzilla.suse.com/978822
https://bugzilla.suse.com/979169
https://bugzilla.suse.com/979213
https://bugzilla.suse.com/979419
https://bugzilla.suse.com/979485
https://bugzilla.suse.com/979548
https://bugzilla.suse.com/979867
https://bugzilla.suse.com/979879
https://bugzilla.suse.com/980348
https://bugzilla.suse.com/980371
https://bugzilla.suse.com/981143
https://bugzilla.suse.com/981344
https://bugzilla.suse.com/982354
https://bugzilla.suse.com/982698
https://bugzilla.suse.com/983213
https://bugzilla.suse.com/983318
https://bugzilla.suse.com/983394
https://bugzilla.suse.com/983904
https://bugzilla.suse.com/984456
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2016:1686-1: important: Security update for mariadb
by opensuse-security@opensuse.org 27 Jun '16
by opensuse-security@opensuse.org 27 Jun '16
27 Jun '16
openSUSE Security Update: Security update for mariadb
______________________________________________________________________________
Announcement ID: openSUSE-SU-2016:1686-1
Rating: important
References: #961935 #963806 #963810 #970287 #970295 #980904
Cross-References: CVE-2016-0505 CVE-2016-0546 CVE-2016-0596
CVE-2016-0597 CVE-2016-0598 CVE-2016-0600
CVE-2016-0606 CVE-2016-0608 CVE-2016-0609
CVE-2016-0616 CVE-2016-0640 CVE-2016-0641
CVE-2016-0642 CVE-2016-0643 CVE-2016-0644
CVE-2016-0646 CVE-2016-0647 CVE-2016-0648
CVE-2016-0649 CVE-2016-0650 CVE-2016-0651
CVE-2016-0655 CVE-2016-0666 CVE-2016-0668
CVE-2016-2047
Affected Products:
openSUSE Leap 42.1
______________________________________________________________________________
An update that fixes 25 vulnerabilities is now available.
Description:
mariadb was updated to version 10.0.25 to fix 25 security issues.
These security issues were fixed:
- CVE-2016-0505: Unspecified vulnerability allowed remote authenticated
users to affect availability via unknown vectors related to Options
(bsc#980904).
- CVE-2016-0546: Unspecified vulnerability allowed local users to affect
confidentiality, integrity, and availability via unknown vectors related
to Client (bsc#980904).
- CVE-2016-0596: Unspecified vulnerability allowed remote authenticated
users to affect availability via vectors related to DML (bsc#980904).
- CVE-2016-0597: Unspecified vulnerability allowed remote authenticated
users to affect availability via unknown vectors related to Optimizer
(bsc#980904).
- CVE-2016-0598: Unspecified vulnerability allowed remote authenticated
users to affect availability via vectors related to DML (bsc#980904).
- CVE-2016-0600: Unspecified vulnerability allowed remote authenticated
users to affect availability via unknown vectors related to InnoDB
(bsc#980904).
- CVE-2016-0606: Unspecified vulnerability allowed remote authenticated
users to affect integrity via unknown vectors related to encryption
(bsc#980904).
- CVE-2016-0608: Unspecified vulnerability allowed remote authenticated
users to affect availability via vectors related to UDF (bsc#980904).
- CVE-2016-0609: Unspecified vulnerability allowed remote authenticated
users to affect availability via unknown vectors related to privileges
(bsc#980904).
- CVE-2016-0616: Unspecified vulnerability allowed remote authenticated
users to affect availability via unknown vectors related to Optimizer
(bsc#980904).
- CVE-2016-0640: Unspecified vulnerability allowed local users to affect
integrity and availability via vectors related to DML (bsc#980904).
- CVE-2016-0641: Unspecified vulnerability allowed local users to affect
confidentiality and availability via vectors related to MyISAM
(bsc#980904).
- CVE-2016-0642: Unspecified vulnerability allowed local users to affect
integrity and availability via vectors related to Federated (bsc#980904).
- CVE-2016-0643: Unspecified vulnerability allowed local users to affect
confidentiality via vectors related to DML (bsc#980904).
- CVE-2016-0644: Unspecified vulnerability allowed local users to affect
availability via vectors related to DDL (bsc#980904).
- CVE-2016-0646: Unspecified vulnerability allowed local users to affect
availability via vectors related to DML (bsc#980904).
- CVE-2016-0647: Unspecified vulnerability allowed local users to affect
availability via vectors related to FTS (bsc#980904).
- CVE-2016-0648: Unspecified vulnerability allowed local users to affect
availability via vectors related to PS (bsc#980904).
- CVE-2016-0649: Unspecified vulnerability allowed local users to affect
availability via vectors related to PS (bsc#980904).
- CVE-2016-0650: Unspecified vulnerability allowed local users to affect
availability via vectors related to Replication (bsc#980904).
- CVE-2016-0651: Unspecified vulnerability allowed local users to affect
availability via vectors related to Optimizer (bsc#980904).
- CVE-2016-0655: Unspecified vulnerability allowed local users to affect
availability via vectors related to InnoDB (bsc#980904).
- CVE-2016-0666: Unspecified vulnerability allowed local users to affect
availability via vectors related to Security: Privileges (bsc#980904).
- CVE-2016-0668: Unspecified vulnerability allowed local users to affect
availability via vectors related to InnoDB (bsc#980904).
- CVE-2016-2047: The ssl_verify_server_cert function in
sql-common/client.c did not properly verify that the server hostname
matches a domain name in the subject's Common Name (CN) or
subjectAltName field of the X.509 certificate, which allowed
man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in
a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com
(bsc#963806).
These non-security issues were fixed:
- bsc#961935: Remove the leftovers of "openSUSE" string in the
'-DWITH_COMMENT' and 'DCOMPILATION_COMMENT' options
- bsc#970287: remove ha_tokudb.so plugin and tokuft_logprint and
tokuftdump binaries as TokuDB storage engine requires the jemalloc
library that isn't present in SLE-12-SP1
- bsc#970295: Fix the leftovers of "logrotate.d/mysql" string in the
logrotate error message. Occurrences of this string were changed to
"logrotate.d/mariadb"
- bsc#963810: Add 'log-error' and 'secure-file-priv' configuration options
* add '/etc/my.cnf.d/error_log.conf' that specifies 'log-error =
/var/log/mysql/mysqld.log'. If no path is set, the error log is
written to '/var/lib/mysql/$HOSTNAME.err', which is not picked up by
logrotate.
* add '/etc/my.cnf.d/secure_file_priv.conf' which specifies that 'LOAD
DATA', 'SELECT ... INTO' and 'LOAD FILE()' will only work with files
in the directory specified by 'secure-file-priv'
option (='/var/lib/mysql-files').
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2016-780=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.1 (i586 x86_64):
libmysqlclient-devel-10.0.25-6.1
libmysqlclient18-10.0.25-6.1
libmysqlclient18-debuginfo-10.0.25-6.1
libmysqlclient_r18-10.0.25-6.1
libmysqld-devel-10.0.25-6.1
libmysqld18-10.0.25-6.1
libmysqld18-debuginfo-10.0.25-6.1
mariadb-10.0.25-6.1
mariadb-bench-10.0.25-6.1
mariadb-bench-debuginfo-10.0.25-6.1
mariadb-client-10.0.25-6.1
mariadb-client-debuginfo-10.0.25-6.1
mariadb-debuginfo-10.0.25-6.1
mariadb-debugsource-10.0.25-6.1
mariadb-errormessages-10.0.25-6.1
mariadb-test-10.0.25-6.1
mariadb-test-debuginfo-10.0.25-6.1
mariadb-tools-10.0.25-6.1
mariadb-tools-debuginfo-10.0.25-6.1
- openSUSE Leap 42.1 (x86_64):
libmysqlclient18-32bit-10.0.25-6.1
libmysqlclient18-debuginfo-32bit-10.0.25-6.1
libmysqlclient_r18-32bit-10.0.25-6.1
References:
https://www.suse.com/security/cve/CVE-2016-0505.html
https://www.suse.com/security/cve/CVE-2016-0546.html
https://www.suse.com/security/cve/CVE-2016-0596.html
https://www.suse.com/security/cve/CVE-2016-0597.html
https://www.suse.com/security/cve/CVE-2016-0598.html
https://www.suse.com/security/cve/CVE-2016-0600.html
https://www.suse.com/security/cve/CVE-2016-0606.html
https://www.suse.com/security/cve/CVE-2016-0608.html
https://www.suse.com/security/cve/CVE-2016-0609.html
https://www.suse.com/security/cve/CVE-2016-0616.html
https://www.suse.com/security/cve/CVE-2016-0640.html
https://www.suse.com/security/cve/CVE-2016-0641.html
https://www.suse.com/security/cve/CVE-2016-0642.html
https://www.suse.com/security/cve/CVE-2016-0643.html
https://www.suse.com/security/cve/CVE-2016-0644.html
https://www.suse.com/security/cve/CVE-2016-0646.html
https://www.suse.com/security/cve/CVE-2016-0647.html
https://www.suse.com/security/cve/CVE-2016-0648.html
https://www.suse.com/security/cve/CVE-2016-0649.html
https://www.suse.com/security/cve/CVE-2016-0650.html
https://www.suse.com/security/cve/CVE-2016-0651.html
https://www.suse.com/security/cve/CVE-2016-0655.html
https://www.suse.com/security/cve/CVE-2016-0666.html
https://www.suse.com/security/cve/CVE-2016-0668.html
https://www.suse.com/security/cve/CVE-2016-2047.html
https://bugzilla.suse.com/961935
https://bugzilla.suse.com/963806
https://bugzilla.suse.com/963810
https://bugzilla.suse.com/970287
https://bugzilla.suse.com/970295
https://bugzilla.suse.com/980904
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2016:1672-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 24 Jun '16
by opensuse-security@opensuse.org 24 Jun '16
24 Jun '16
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:1672-1
Rating: important
References: #676471 #866130 #898592 #936530 #940413 #944309
#946122 #949752 #953369 #956491 #956852 #957986
#957988 #957990 #959381 #960458 #960857 #961512
#961518 #963762 #963998 #965319 #965860 #965923
#966245 #967863 #967914 #968010 #968018 #968141
#968500 #968566 #968670 #968687 #969149 #969391
#969571 #970114 #970504 #970892 #970909 #970911
#970948 #970956 #970958 #970970 #971124 #971125
#971126 #971360 #971433 #971446 #971729 #971944
#971947 #971989 #972363 #973237 #973378 #973556
#973570 #974646 #974787 #975358 #975772 #975945
#976739 #976868 #978401 #978821 #978822 #979213
#979274 #979347 #979419 #979548 #979595 #979867
#979879 #980371 #980725 #980788 #980931 #981231
#981267 #982532 #982691 #983143 #983213 #984107
Cross-References: CVE-2015-7566 CVE-2015-8816 CVE-2016-0758
CVE-2016-1583 CVE-2016-2053 CVE-2016-2143
CVE-2016-2184 CVE-2016-2185 CVE-2016-2186
CVE-2016-2187 CVE-2016-2188 CVE-2016-2782
CVE-2016-2847 CVE-2016-3134 CVE-2016-3137
CVE-2016-3138 CVE-2016-3139 CVE-2016-3140
CVE-2016-3156 CVE-2016-4482 CVE-2016-4485
CVE-2016-4486 CVE-2016-4565 CVE-2016-4569
CVE-2016-4578 CVE-2016-4580 CVE-2016-4805
CVE-2016-4913 CVE-2016-5244
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-EXTRA
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that solves 29 vulnerabilities and has 61 fixes
is now available.
Description:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
security and bugfixes.
Notable changes in this kernel:
- It is now possible to mount a NFS export on the exporting host directly.
The following security bugs were fixed:
- CVE-2016-5244: A kernel information leak in rds_inc_info_copy was fixed
that could leak kernel stack memory to userspace (bsc#983213).
- CVE-2016-1583: Prevent the usage of mmap when the lower file system does
not allow it. This could have lead to local privilege escalation when
ecryptfs-utils was installed and /sbin/mount.ecryptfs_private was setuid
(bsc#983143).
- CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c
in the Linux kernel mishandles NM (aka alternate name) entries
containing \0 characters, which allowed local users to obtain sensitive
information from kernel memory or possibly have unspecified other impact
via a crafted isofs filesystem (bnc#980725).
- CVE-2016-4580: The x25_negotiate_facilities function in
net/x25/x25_facilities.c in the Linux kernel did not properly initialize
a certain data structure, which allowed attackers to obtain sensitive
information from kernel stack memory via an X.25 Call Request
(bnc#981267).
- CVE-2016-4805: Use-after-free vulnerability in
drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to
cause a denial of service (memory corruption and system crash, or
spinlock) or possibly have unspecified other impact by removing a
network namespace, related to the ppp_register_net_channel and
ppp_unregister_channel functions (bnc#980371).
- CVE-2016-0758: Tags with indefinite length could have corrupted pointers
in asn1_find_indefinite_length (bsc#979867).
- CVE-2016-2187: The gtco_probe function in drivers/input/tablet/gtco.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) via a
crafted endpoints value in a USB device descriptor (bnc#971944).
- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in
the Linux kernel allowed attackers to cause a denial of service (panic)
via an ASN.1 BER file that lacks a public key, leading to mishandling by
the public_key_verify_signature function in
crypto/asymmetric_keys/public_key.c (bnc#963762).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel
incorrectly relies on the write system call, which allowed local users
to cause a denial of service (kernel memory write operation) or possibly
have unspecified other impact via a uAPI interface (bnc#979548).
- CVE-2016-4485: The llc_cmsg_rcv function in net/llc/af_llc.c in the
Linux kernel did not initialize a certain data structure, which allowed
attackers to obtain sensitive information from kernel stack memory by
reading a message (bnc#978821).
- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize
certain r1 data structures, which allowed local users to obtain
sensitive information from kernel stack memory via crafted use of the
ALSA timer interface, related to the (1) snd_timer_user_ccallback and
(2) snd_timer_user_tinterrupt functions (bnc#979879).
- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via crafted use of the ALSA timer interface (bnc#979213).
- CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory by reading a Netlink message (bnc#978822).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not
validate certain offset fields, which allowed local users to gain
privileges or cause a denial of service (heap memory corruption) via an
IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of
unread data in pipes, which allowed local users to cause a denial of
service (memory consumption) by creating many pipes with non-default
sizes (bnc#970948).
- CVE-2016-2188: The iowarrior_probe function in
drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970956).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) via a USB
device without both a control and a data endpoint descriptor
(bnc#970911).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference and system crash) via a USB device without
both an interrupt-in and an interrupt-out endpoint descriptor, related
to the cypress_generic_port_probe and cypress_open functions
(bnc#970970).
- CVE-2016-3140: The digi_port_init function in
drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed
physically proximate attackers to cause a denial of service (NULL
pointer dereference and system crash) via a crafted endpoints value in a
USB device descriptor (bnc#970892).
- CVE-2016-2186: The powermate_probe function in
drivers/input/misc/powermate.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970958).
- CVE-2016-2185: The ati_remote2_probe function in
drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#971124).
- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles
destruction of device objects, which allowed guest OS users to cause a
denial of service (host OS networking outage) by arranging for a large
number of IP addresses (bnc#971360).
- CVE-2016-2184: The create_fixed_stream_quirk function in
sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference or double free, and system crash) via a
crafted endpoints value in a USB device descriptor (bnc#971125).
- CVE-2016-3139: The wacom_probe function in
drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970909).
- CVE-2016-2143: The fork implementation in the Linux kernel on s390
platforms mishandles the case of four page-table levels, which allowed
local users to cause a denial of service (system crash) or possibly have
unspecified other impact via a crafted application, related to
arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h
(bnc#970504).
- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by inserting a USB device that
lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in
the Linux kernel did not properly maintain a hub-interface data
structure, which allowed physically proximate attackers to cause a
denial of service (invalid memory access and system crash) or possibly
have unspecified other impact by unplugging a USB hub device
(bnc#968010).
- CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c
in the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by inserting a USB device that
lacked a bulk-out endpoint (bnc#961512).
The following non-security bugs were fixed:
- acpi / PCI: Account for ARI in _PRT lookups (bsc#968566).
- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).
- alsa: hrtimer: Handle start/stop more properly (bsc#973378).
- alsa: oxygen: add Xonar DGX support (bsc#982691).
- alsa: pcm: Fix potential deadlock in OSS emulation (bsc#968018).
- alsa: rawmidi: Fix race at copying and updating the position
(bsc#968018).
- alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).
- alsa: seq: Fix double port list deletion (bsc#968018).
- alsa: seq: Fix incorrect sanity check at snd_seq_oss_synth_cleanup()
(bsc#968018).
- alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).
- alsa: seq: Fix lockdep warnings due to double mutex locks (bsc#968018).
- alsa: seq: Fix race at closing in virmidi driver (bsc#968018).
- alsa: seq: Fix yet another races among ALSA timer accesses (bsc#968018).
- alsa: timer: Call notifier in the same spinlock (bsc#973378).
- alsa: timer: Code cleanup (bsc#968018).
- alsa: timer: Fix leftover link at closing (bsc#968018).
- alsa: timer: Fix link corruption due to double start or stop
(bsc#968018).
- alsa: timer: Fix race between stop and interrupt (bsc#968018).
- alsa: timer: Fix wrong instance passed to slave callbacks (bsc#968018).
- alsa: timer: Protect the whole snd_timer_close() with open race
(bsc#973378).
- alsa: timer: Sync timer deletion at closing the system timer
(bsc#973378).
- alsa: timer: Use mod_timer() for rearming the system timer (bsc#973378).
- cgroups: do not attach task to subsystem if migration failed
(bnc#979274).
- cgroups: more safe tasklist locking in cgroup_attach_proc (bnc#979274).
- cpuset: Fix potential deadlock w/ set_mems_allowed (bsc#960857,
bsc#974646).
- dasd: fix hanging system after LCU changes (bnc#968500, LTC#136671).
- dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).
- Delete
patches.drivers/nvme-0165-Split-header-file-into-user-visible-and-kernel-.p
atch. SLE11-SP4 does not have uapi headers so move everything back to
the original header (bnc#981231)
- Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets (bsc#976739).
- enic: set netdev->vlan_features (bsc#966245).
- fcoe: fix reset of fip selection time (bsc#974787).
- Fix cifs_uniqueid_to_ino_t() function for s390x (bsc#944309)
- fs, seqfile: always allow oom killer (bnc#968687).
- fs/seq_file: fallback to vmalloc allocation (bnc#968687).
- fs, seq_file: fallback to vmalloc instead of oom kill processes
(bnc#968687).
- hid-elo: kill not flush the work (bnc#982532).
- hpsa: fix issues with multilun devices (bsc#959381).
- hv: Assign correct ->can_queue value in hv_storvsc (bnc#969391)
- ibmvscsi: Remove unsupported host config MAD (bsc#973556).
- Import kabi files from kernel 3.0.101-71
- iommu/vt-d: Improve fault handler error messages (bsc#975772).
- iommu/vt-d: Ratelimit fault handler (bsc#975772).
- ipc,sem: fix use after free on IPC_RMID after a task using same
semaphore set exits (bsc#967914).
- ipv4/fib: do not warn when primary address is missing if in_dev is dead
(bsc#971360).
- ipv4: fix ineffective source address selection (bsc#980788).
- ipv6: make fib6 serial number per namespace (bsc#965319).
- ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs
(bsc#956852).
- ipv6: per netns fib6 walkers (bsc#965319).
- ipv6: per netns FIB garbage collection (bsc#965319).
- ipv6: replace global gc_args with local variable (bsc#965319).
- ipvs: count pre-established TCP states as active (bsc#970114).
- isofs: Revert "get_rock_ridge_filename(): handle malformed NM entries"
This reverts commit cb6ce3ec7a964e56da9ba9cd3c9f0e708b5c3b2c. It should
have never landed in the tree (we already have the patch via c63531c60ff
that came through CVE branch), but I messed up the merge.
- kabi, fs/seq_file: fallback to vmalloc allocation (bnc#968687).
- kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319).
- KVM: x86: fix maintenance of guest/host xcr0 state (bsc#961518).
- llist: Add llist_next().
- make vfree() safe to call from interrupt contexts .
- memcg: do not hang on OOM when killed by userspace OOM access to memory
reserves (bnc#969571).
- mld, igmp: Fix reserved tailroom calculation (bsc#956852).
- mm/hugetlb.c: correct missing private flag clearing (VM Functionality,
bnc#971446).
- mm/hugetlb: fix backport of upstream commit 07443a85ad (VM
Functionality, bnc#971446).
- MM: increase safety margin provided by PF_LESS_THROTTLE (bsc#956491).
- mm/vmscan.c: avoid throttling reclaim for loop-back nfsd threads
(bsc#956491).
- net/core: dev_mc_sync_multiple calls wrong helper (bsc#971433).
- net/core: __hw_addr_create_ex does not initialize sync_cnt (bsc#971433).
- net/core: __hw_addr_sync_one / _multiple broken (bsc#971433).
- net/core: __hw_addr_unsync_one "from" address not marked synced
(bsc#971433).
- NFS4: treat lock owners as opaque values (bnc#968141).
- NFS: avoid deadlocks with loop-back mounted NFS filesystems (bsc#956491).
- NFS: avoid waiting at all in nfs_release_page when congested
(bsc#956491).
- NFSd4: return nfserr_symlink on v4 OPEN of non-regular file (bsc#973237).
- NFSd: do not fail unchecked creates of non-special files (bsc#973237).
- NFS: Do not attempt to decode missing directory entries (bsc#980931).
- nfs: fix memory corruption rooted in get_ih_name pointer math
(bsc#984107).
- NFS: reduce access cache shrinker locking (bnc#866130).
- NFS: use smaller allocations for 'struct idmap' (bsc#965923).
- NFSv4: Ensure that we do not drop a state owner more than once
(bsc#979595).
- nfsv4: OPEN must handle the NFS4ERR_IO return code correctly
(bsc#979595).
- nvme: fix max_segments integer truncation (bsc#676471).
- NVMe: Unify controller probe and resume (bsc#979347).
- ocfs2: do not set fs read-only if rec[0] is empty while committing
truncate (bnc#971947).
- ocfs2: extend enough credits for freeing one truncate record while
replaying truncate records (bnc#971947).
- ocfs2: extend transaction for ocfs2_remove_rightmost_path() and
ocfs2_update_edge_lengths() before to avoid inconsistency between inode
and et (bnc#971947).
- pciback: check PF instead of VF for PCI_COMMAND_MEMORY (bsc#957990).
- pciback: Save the number of MSI-X entries to be copied later
(bsc#957988).
- PCI: Move pci_ari_enabled() to global header (bsc#968566).
- RDMA/ucma: Fix AB-BA deadlock (bsc#963998).
- Restore kabi after lock-owner change (bnc#968141).
- rpm/modprobe-xen.conf: Revert comment change to allow parallel install
(bsc#957986). This reverts commit
855c7ce885fd412ce2a25ccc12a46e565c83f235.
- s390/dasd: prevent incorrect length error under z/VM after PAV changes
(bnc#968500, LTC#136670).
- s390/pageattr: Do a single TLB flush for change_page_attr (bsc#940413).
- s390/pci: add extra padding to function measurement block (bnc#968500,
LTC#139445).
- s390/pci_dma: fix DMA table corruption with > 4 TB main memory
(bnc#968500, LTC#139401).
- s390/pci_dma: handle dma table failures (bnc#968500, LTC#139442).
- s390/pci_dma: improve debugging of errors during dma map (bnc#968500,
LTC#139442).
- s390/pci_dma: unify label of invalid translation table entries
(bnc#968500, LTC#139442).
- s390/pci: enforce fmb page boundary rule (bnc#968500, LTC#139445).
- s390/pci: extract software counters from fmb (bnc#968500, LTC#139445).
- s390/pci: remove pdev pointer from arch data (bnc#968500, LTC#139444).
- s390/spinlock: avoid yield to non existent cpu (bnc#968500, LTC#141106).
- scsi_dh_alua: Do not block request queue if workqueue is active
(bsc#960458).
- SCSI: Increase REPORT_LUNS timeout (bsc#971989).
- SCSI mpt2sas: Rearrange the the code so that the completion queues are
initialized prior to sending the request to controller firmware
(bsc#967863).
- skb: Add inline helper for getting the skb end offset from head
(bsc#956852).
- tcp: avoid order-1 allocations on wifi and tx path (bsc#956852).
- tcp: fix skb_availroom() (bsc#956852).
- Tidy series.conf, p5 Only one last patch which can be moved easily.
There are some more x86-related things left at the end but moving them
won't be that trivial.
- Update
patches.drivers/nvme-0265-fix-max_segments-integer-truncation.patch
(bsc#979419). Fix reference.
- Update
patches.fixes/bnx2x-Alloc-4k-fragment-for-each-rx-ring-buffer-elem.patch
(bsc#953369 bsc#975358).
- Update PCI VPD size patch to upstream: - PCI: Determine actual VPD size
on first access (bsc#971729). - PCI: Update VPD definitions (bsc#971729).
- USB: usbip: fix potential out-of-bounds write (bnc#975945).
- veth: do not modify ip_summed (bsc#969149).
- vgaarb: Add more context to error messages (bsc#976868).
- virtio_scsi: Implement eh_timed_out callback (bsc#936530).
- vmxnet3: set carrier state properly on probe (bsc#972363).
- vmxnet3: set netdev parant device before calling netdev_info
(bsc#972363).
- x86, kvm: fix kvm's usage of kernel_fpu_begin/end() (bsc#961518).
- x86, kvm: use kernel_fpu_begin/end() in kvm_load/put_guest_fpu()
(bsc#961518).
- xfrm: do not segment UFO packets (bsc#946122).
- xfs: fix sgid inheritance for subdirectories inheriting default acls
[V3] (bsc#965860).
- xhci: Workaround to get Intel xHCI reset working more reliably
(bnc#898592).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-kernel-source-12631=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-kernel-source-12631=1
- SUSE Linux Enterprise Server 11-EXTRA:
zypper in -t patch slexsp3-kernel-source-12631=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-kernel-source-12631=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch):
kernel-docs-3.0.101-77.2
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
kernel-default-3.0.101-77.1
kernel-default-base-3.0.101-77.1
kernel-default-devel-3.0.101-77.1
kernel-source-3.0.101-77.1
kernel-syms-3.0.101-77.1
kernel-trace-3.0.101-77.1
kernel-trace-base-3.0.101-77.1
kernel-trace-devel-3.0.101-77.1
- SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):
kernel-ec2-3.0.101-77.1
kernel-ec2-base-3.0.101-77.1
kernel-ec2-devel-3.0.101-77.1
kernel-xen-3.0.101-77.1
kernel-xen-base-3.0.101-77.1
kernel-xen-devel-3.0.101-77.1
- SUSE Linux Enterprise Server 11-SP4 (ppc64):
kernel-ppc64-3.0.101-77.1
kernel-ppc64-base-3.0.101-77.1
kernel-ppc64-devel-3.0.101-77.1
- SUSE Linux Enterprise Server 11-SP4 (s390x):
kernel-default-man-3.0.101-77.1
- SUSE Linux Enterprise Server 11-SP4 (i586):
kernel-pae-3.0.101-77.1
kernel-pae-base-3.0.101-77.1
kernel-pae-devel-3.0.101-77.1
- SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):
kernel-default-extra-3.0.101-77.1
- SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):
kernel-xen-extra-3.0.101-77.1
- SUSE Linux Enterprise Server 11-EXTRA (x86_64):
kernel-trace-extra-3.0.101-77.1
- SUSE Linux Enterprise Server 11-EXTRA (ppc64):
kernel-ppc64-extra-3.0.101-77.1
- SUSE Linux Enterprise Server 11-EXTRA (i586):
kernel-pae-extra-3.0.101-77.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
kernel-default-debuginfo-3.0.101-77.1
kernel-default-debugsource-3.0.101-77.1
kernel-trace-debuginfo-3.0.101-77.1
kernel-trace-debugsource-3.0.101-77.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64):
kernel-default-devel-debuginfo-3.0.101-77.1
kernel-trace-devel-debuginfo-3.0.101-77.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):
kernel-ec2-debuginfo-3.0.101-77.1
kernel-ec2-debugsource-3.0.101-77.1
kernel-xen-debuginfo-3.0.101-77.1
kernel-xen-debugsource-3.0.101-77.1
kernel-xen-devel-debuginfo-3.0.101-77.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):
kernel-ppc64-debuginfo-3.0.101-77.1
kernel-ppc64-debugsource-3.0.101-77.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586):
kernel-pae-debuginfo-3.0.101-77.1
kernel-pae-debugsource-3.0.101-77.1
kernel-pae-devel-debuginfo-3.0.101-77.1
References:
https://www.suse.com/security/cve/CVE-2015-7566.html
https://www.suse.com/security/cve/CVE-2015-8816.html
https://www.suse.com/security/cve/CVE-2016-0758.html
https://www.suse.com/security/cve/CVE-2016-1583.html
https://www.suse.com/security/cve/CVE-2016-2053.html
https://www.suse.com/security/cve/CVE-2016-2143.html
https://www.suse.com/security/cve/CVE-2016-2184.html
https://www.suse.com/security/cve/CVE-2016-2185.html
https://www.suse.com/security/cve/CVE-2016-2186.html
https://www.suse.com/security/cve/CVE-2016-2187.html
https://www.suse.com/security/cve/CVE-2016-2188.html
https://www.suse.com/security/cve/CVE-2016-2782.html
https://www.suse.com/security/cve/CVE-2016-2847.html
https://www.suse.com/security/cve/CVE-2016-3134.html
https://www.suse.com/security/cve/CVE-2016-3137.html
https://www.suse.com/security/cve/CVE-2016-3138.html
https://www.suse.com/security/cve/CVE-2016-3139.html
https://www.suse.com/security/cve/CVE-2016-3140.html
https://www.suse.com/security/cve/CVE-2016-3156.html
https://www.suse.com/security/cve/CVE-2016-4482.html
https://www.suse.com/security/cve/CVE-2016-4485.html
https://www.suse.com/security/cve/CVE-2016-4486.html
https://www.suse.com/security/cve/CVE-2016-4565.html
https://www.suse.com/security/cve/CVE-2016-4569.html
https://www.suse.com/security/cve/CVE-2016-4578.html
https://www.suse.com/security/cve/CVE-2016-4580.html
https://www.suse.com/security/cve/CVE-2016-4805.html
https://www.suse.com/security/cve/CVE-2016-4913.html
https://www.suse.com/security/cve/CVE-2016-5244.html
https://bugzilla.suse.com/676471
https://bugzilla.suse.com/866130
https://bugzilla.suse.com/898592
https://bugzilla.suse.com/936530
https://bugzilla.suse.com/940413
https://bugzilla.suse.com/944309
https://bugzilla.suse.com/946122
https://bugzilla.suse.com/949752
https://bugzilla.suse.com/953369
https://bugzilla.suse.com/956491
https://bugzilla.suse.com/956852
https://bugzilla.suse.com/957986
https://bugzilla.suse.com/957988
https://bugzilla.suse.com/957990
https://bugzilla.suse.com/959381
https://bugzilla.suse.com/960458
https://bugzilla.suse.com/960857
https://bugzilla.suse.com/961512
https://bugzilla.suse.com/961518
https://bugzilla.suse.com/963762
https://bugzilla.suse.com/963998
https://bugzilla.suse.com/965319
https://bugzilla.suse.com/965860
https://bugzilla.suse.com/965923
https://bugzilla.suse.com/966245
https://bugzilla.suse.com/967863
https://bugzilla.suse.com/967914
https://bugzilla.suse.com/968010
https://bugzilla.suse.com/968018
https://bugzilla.suse.com/968141
https://bugzilla.suse.com/968500
https://bugzilla.suse.com/968566
https://bugzilla.suse.com/968670
https://bugzilla.suse.com/968687
https://bugzilla.suse.com/969149
https://bugzilla.suse.com/969391
https://bugzilla.suse.com/969571
https://bugzilla.suse.com/970114
https://bugzilla.suse.com/970504
https://bugzilla.suse.com/970892
https://bugzilla.suse.com/970909
https://bugzilla.suse.com/970911
https://bugzilla.suse.com/970948
https://bugzilla.suse.com/970956
https://bugzilla.suse.com/970958
https://bugzilla.suse.com/970970
https://bugzilla.suse.com/971124
https://bugzilla.suse.com/971125
https://bugzilla.suse.com/971126
https://bugzilla.suse.com/971360
https://bugzilla.suse.com/971433
https://bugzilla.suse.com/971446
https://bugzilla.suse.com/971729
https://bugzilla.suse.com/971944
https://bugzilla.suse.com/971947
https://bugzilla.suse.com/971989
https://bugzilla.suse.com/972363
https://bugzilla.suse.com/973237
https://bugzilla.suse.com/973378
https://bugzilla.suse.com/973556
https://bugzilla.suse.com/973570
https://bugzilla.suse.com/974646
https://bugzilla.suse.com/974787
https://bugzilla.suse.com/975358
https://bugzilla.suse.com/975772
https://bugzilla.suse.com/975945
https://bugzilla.suse.com/976739
https://bugzilla.suse.com/976868
https://bugzilla.suse.com/978401
https://bugzilla.suse.com/978821
https://bugzilla.suse.com/978822
https://bugzilla.suse.com/979213
https://bugzilla.suse.com/979274
https://bugzilla.suse.com/979347
https://bugzilla.suse.com/979419
https://bugzilla.suse.com/979548
https://bugzilla.suse.com/979595
https://bugzilla.suse.com/979867
https://bugzilla.suse.com/979879
https://bugzilla.suse.com/980371
https://bugzilla.suse.com/980725
https://bugzilla.suse.com/980788
https://bugzilla.suse.com/980931
https://bugzilla.suse.com/981231
https://bugzilla.suse.com/981267
https://bugzilla.suse.com/982532
https://bugzilla.suse.com/982691
https://bugzilla.suse.com/983143
https://bugzilla.suse.com/983213
https://bugzilla.suse.com/984107
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0