SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:0333-1
Rating: important
References: #1003077 #1003925 #1004517 #1007944 #1008645
#1008831 #1008833 #1009443 #1010150 #1010467
#1010501 #1010507 #1010711 #1010716 #1011482
#1011685 #1012422 #1012832 #1013038 #1013531
#1013542 #1014746 #1017710 #1021258 #835175
#839104 #863873 #874145 #896484 #908069 #914939
#922947 #927287 #940966 #950998 #954984 #956514
#958000 #960689 #963053 #967716 #968500 #969340
#971360 #971944 #978401 #978821 #979213 #979274
#979548 #979595 #979879 #979915 #980363 #980371
#980725 #981267 #983143 #983213 #984755 #986362
#986365 #986445 #986572 #989261 #991608 #991665
#992566 #993890 #993891 #994296 #994436 #994618
#994759 #995968 #997059 #999932
Cross-References: CVE-2004-0230 CVE-2012-6704 CVE-2013-4312
CVE-2015-1350 CVE-2015-7513 CVE-2015-7833
CVE-2015-8956 CVE-2015-8962 CVE-2015-8964
CVE-2016-0823 CVE-2016-10088 CVE-2016-1583
CVE-2016-2187 CVE-2016-2189 CVE-2016-3841
CVE-2016-4470 CVE-2016-4482 CVE-2016-4485
CVE-2016-4565 CVE-2016-4569 CVE-2016-4578
CVE-2016-4580 CVE-2016-4805 CVE-2016-4913
CVE-2016-4997 CVE-2016-4998 CVE-2016-5244
CVE-2016-5829 CVE-2016-6480 CVE-2016-6828
CVE-2016-7042 CVE-2016-7097 CVE-2016-7117
CVE-2016-7425 CVE-2016-7910 CVE-2016-7911
CVE-2016-7916 CVE-2016-8399 CVE-2016-8632
CVE-2016-8633 CVE-2016-8646 CVE-2016-9555
CVE-2016-9685 CVE-2016-9756 CVE-2016-9793
CVE-2017-5551
Affected Products:
SUSE Linux Enterprise Server 11-SP2-LTSS
SUSE Linux Enterprise Debuginfo 11-SP2
______________________________________________________________________________
An update that solves 46 vulnerabilities and has 31 fixes
is now available.
Description:
The SUSE Linux Enterprise 11 SP2 LTSS kernel was updated to receive
various security fixes and bugfixes.
This is the last planned LTSS kernel update for the SUSE Linux Enterprise
Server 11 SP2 LTSS.
The following security bugs were fixed:
- CVE-2016-10088: The sg implementation in the Linux kernel did not
properly restrict write operations in situations where the KERNEL_DS
option is set, which allowed local users to read or write to arbitrary
kernel memory locations or cause a denial of service (use-after-free) by
leveraging access to a /dev/sg device, related to block/bsg.c and
drivers/scsi/sg.c. NOTE: this vulnerability exists because of an
incomplete fix for CVE-2016-9576 (bnc#1017710).
- CVE-2004-0230: TCP, when using a large Window Size, made it easier for
remote attackers to guess sequence numbers and cause a denial of service
(connection loss) to persistent TCP connections by repeatedly injecting
a TCP RST packet, especially in protocols that use long-lived
connections, such as BGP (bnc#969340).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the
Linux kernel did not validate the relationship between the minimum
fragment length and the maximum packet size, which allowed local users
to gain privileges or cause a denial of service (heap-based buffer
overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).
- CVE-2016-8399: An out-of-bounds read in the ping protocol handler could
have led to information disclosure (bsc#1014746).
- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the
Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf,
which allowed local users to cause a denial of service (memory
corruption and system crash) or possibly have unspecified other impact
by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt
system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option
(bnc#1013531).
- CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the
Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf,
which allowed local users to cause a denial of service (memory
corruption and system crash) or possibly have unspecified other impact
by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt
system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option (bnc#1013542).
- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not
properly initialize Code Segment (CS) in certain error cases, which
allowed local users to obtain sensitive information from kernel stack
memory via a crafted application (bnc#1013038).
- CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options
data, which allowed local users to gain privileges or cause a denial of
service (use-after-free and system crash) via a crafted sendmsg system
call (bnc#992566).
- CVE-2016-9685: Multiple memory leaks in error paths in
fs/xfs/xfs_attr_list.c in the Linux kernel allowed local users to cause
a denial of service (memory consumption) via crafted XFS filesystem
operations (bnc#1012832).
- CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provided an
incomplete set of requirements for setattr operations that
underspecified removing extended privilege attributes, which allowed
local users to cause a denial of service (capability stripping) via a
failed invocation of a system call, as demonstrated by using chown to
remove a capability from the ping or Wireshark dumpcap program
(bnc#914939).
- CVE-2015-8962: Double free vulnerability in the sg_common_write function
in drivers/scsi/sg.c in the Linux kernel allowed local users to gain
privileges or cause a denial of service (memory corruption and system
crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in
the Linux kernel lacked chunk-length checking for the first chunk, which
allowed remote attackers to cause a denial of service (out-of-bounds
slab access) or possibly have unspecified other impact via crafted SCTP
data (bnc#1011685).
- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop
function in block/genhd.c in the Linux kernel allowed local users to
gain privileges by leveraging the execution of a certain stop operation
even if the corresponding start operation had failed (bnc#1010716).
- CVE-2016-7911: Race condition in the get_task_ioprio function in
block/ioprio.c in the Linux kernel allowed local users to gain
privileges or cause a denial of service (use-after-free) via a crafted
ioprio_get system call (bnc#1010711).
- CVE-2015-8964: The tty_set_termios_ldisc function in
drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to
obtain sensitive information from kernel memory by reading a tty data
structure (bnc#1010507).
- CVE-2016-7916: Race condition in the environ_read function in
fs/proc/base.c in the Linux kernel allowed local users to obtain
sensitive information from kernel memory by reading a /proc/*/environ
file during a process-setup time interval in which environment-variable
copying is incomplete (bnc#1010467).
- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the
Linux kernel allowed local users to cause a denial of service (OOPS) by
attempting to trigger use of in-kernel hash algorithms for a socket that
has received zero bytes of data (bnc#1010150).
- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7,
in certain unusual hardware configurations, allowed remote attackers to
execute arbitrary code via crafted fragmented packets (bnc#1008833).
- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in
the Linux kernel used an incorrect buffer size for certain timeout data,
which allowed local users to cause a denial of service (stack memory
corruption and panic) by reading the /proc/keys file (bnc#1004517).
- CVE-2016-7097: The filesystem implementation in the Linux kernel
preserved the setgid bit during a setxattr call, which allowed local
users to gain group privileges by leveraging the existence of a setgid
program with restrictions on execute permissions (bnc#995968).
- CVE-2017-5551: The filesystem implementation in the Linux kernel
preserved the setgid bit during a setxattr call, which allowed local
users to gain group privileges by leveraging the existence of a setgid
program with restrictions on execute permissions. This CVE tracks the
fix for the tmpfs filesystem. (bsc#1021258).
- CVE-2015-8956: The rfcomm_sock_bind function in
net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to
obtain sensitive information or cause a denial of service (NULL pointer
dereference) via vectors involving a bind system call on a Bluetooth
RFCOMM socket (bnc#1003925).
- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg
function in net/socket.c in the Linux kernel allowed remote attackers to
execute arbitrary code via vectors involving a recvmmsg system call that
is mishandled during error processing (bnc#1003077).
- CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the
Linux kernel allowed local users to obtain sensitive physical-address
information by reading a pagemap file, aka Android internal bug 25739721
(bnc#994759).
- CVE-2016-7425: The arcmsr_iop_message_xfer function in
drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a
certain length field, which allowed local users to gain privileges or
cause a denial of service (heap-based buffer overflow) via an
ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).
- CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in
the Linux kernel did not properly maintain certain SACK state after a
failed data copy, which allowed local users to cause a denial of service
(tcp_xmit_retransmit_queue use-after-free and system crash) via a
crafted SACK option (bnc#994296).
- CVE-2016-6480: Race condition in the ioctl_send_fib function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
to cause a denial of service (out-of-bounds access or system crash) by
changing a certain size value, aka a "double fetch" vulnerability
(bnc#991608).
- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the
netfilter subsystem in the Linux kernel allowed local users to cause a
denial of service (out-of-bounds read) or possibly obtain sensitive
information from kernel heap memory by leveraging in-container root
access to provide a crafted offset value that leads to crossing a
ruleset blob boundary (bsc#986365).
- CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the
PIT counter values during state restoration, which allowed guest OS
users to cause a denial of service (divide-by-zero error and host OS
crash) via a zero value, related to the kvm_vm_ioctl_set_pit and
kvm_vm_ioctl_set_pit2 functions (bnc#960689).
- CVE-2013-4312: The Linux kernel allowed local users to bypass
file-descriptor limits and cause a denial of service (memory
consumption) by sending each descriptor over a UNIX socket before
closing it, related to net/unix/af_unix.c and net/unix/garbage.c
(bnc#839104).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE
setsockopt implementations in the netfilter subsystem in the Linux
kernel allowed local users to gain privileges or cause a denial of service
(memory corruption) by leveraging in-container root access to provide a
crafted offset value that triggers an unintended decrement (bnc#986362).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allowed local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bnc#986572).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c
in the Linux kernel did not ensure that a certain data structure is
initialized, which allowed local users to cause a denial of service
(system crash) via vectors involving a crafted keyctl request2 command
(bnc#984755).
- CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the
Linux kernel did not initialize a certain structure member, which
allowed remote attackers to obtain sensitive information from kernel
stack memory by reading an RDS message (bnc#983213).
- CVE-2016-1583: The ecryptfs_privileged_open function in
fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain
privileges or cause a denial of service (stack memory consumption) via
vectors involving crafted mmap calls for /proc pathnames, leading to
recursive pagefault handling (bnc#983143).
- CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c
in the Linux kernel mishandled NM (aka alternate name) entries
containing \0 characters, which allowed local users to obtain sensitive
information from kernel memory or possibly have unspecified other impact
via a crafted isofs filesystem (bnc#980725).
- CVE-2016-4580: The x25_negotiate_facilities function in
net/x25/x25_facilities.c in the Linux kernel did not properly initialize
a certain data structure, which allowed attackers to obtain sensitive
information from kernel stack memory via an X.25 Call Request
(bnc#981267).
- CVE-2016-4805: Use-after-free vulnerability in
drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to
cause a denial of service (memory corruption and system crash, or
spinlock) or possibly have unspecified other impact by removing a
network namespace, related to the ppp_register_net_channel and
ppp_unregister_channel functions (bnc#980371).
- CVE-2015-7833: The usbvision driver in the Linux kernel allowed
physically proximate attackers to cause a denial of service (panic) via
a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998).
- CVE-2016-2187: The gtco_probe function in drivers/input/tablet/gtco.c in
the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) via a
crafted endpoints value in a USB device descriptor (bnc#971944).
- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel
incorrectly relied on the write system call, which allowed local users
to cause a denial of service (kernel memory write operation) or possibly
have unspecified other impact via a uAPI interface (bnc#979548).
- CVE-2016-4485: The llc_cmsg_rcv function in net/llc/af_llc.c in the
Linux kernel did not initialize a certain data structure, which allowed
attackers to obtain sensitive information from kernel stack memory by
reading a message (bnc#978821).
- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize
certain r1 data structures, which allowed local users to obtain
sensitive information from kernel stack memory via crafted use of the
ALSA timer interface, related to the (1) snd_timer_user_ccallback and
(2) snd_timer_user_tinterrupt functions (bnc#979879).
- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c
in the Linux kernel did not initialize a certain data structure, which
allowed local users to obtain sensitive information from kernel stack
memory via crafted use of the ALSA timer interface (bnc#979213).
The following non-security bugs were fixed:
- arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).
- cdc-acm: added sanity checking for probe() (bsc#993891).
- cgroups: do not attach task to subsystem if migration failed
(bnc#979274).
- cgroups: more safe tasklist locking in cgroup_attach_proc (bnc#979274).
- dasd: fix hanging system after LCU changes (bnc#968500, LTC#136671).
- dasd: Fix unresumed device after suspend/resume (bnc#927287, LTC#123892).
- ipv4/fib: do not warn when primary address is missing if in_dev is dead
(bsc#971360).
- kabi, unix: properly account for FDs passed over unix sockets
(bnc#839104).
- kaweth: fix firmware download (bsc#993890).
- kaweth: fix oops upon failed memory allocation (bsc#993890).
- kvm: x86: SYSENTER emulation is broken (bsc#994618).
- mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED
(VM Functionality, bnc#986445).
- mremap: enforce rmap src/dst vma ordering in case of vma_merge()
succeeding in copy_vma() (VM Functionality, bsc#1008645).
- nfs4: reset states to use open_stateid when returning delegation
voluntarily (bsc#1007944).
- nfs: Do not disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261,
bsc#1011482).
- nfs: do not do blind d_drop() in nfs_prime_dcache() (bnc#908069
bnc#896484 bsc#963053).
- nfs_prime_dcache needs fh to be set (bnc#908069 bnc#896484 bsc#963053).
- nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261).
- nfsv4: Ensure that we do not drop a state owner more than once
(bsc#979595).
- nfsv4: fix broken patch relating to v4 read delegations (bsc#956514,
bsc#989261, bsc#979595, bsc#1011482).
- nfsv4: nfs4_proc_renew should be declared static (bnc#863873).
- nfsv4: OPEN must handle the NFS4ERR_IO return code correctly
(bsc#979595).
- nfsv4: Recovery of recalled read delegations is broken (bsc#956514
bsc#1011482).
- nfsv4: The NFSv4.0 client must send RENEW calls if it holds a delegation
(bnc#863873).
- powerpc: Add ability to build little endian kernels (bsc#967716).
- powerpc: Avoid load of static chain register when calling nested
functions through a pointer on 64bit (bsc#967716).
- powerpc: Do not build assembly files with ABIv2 (bsc#967716).
- powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).
- powerpc: dtc is required to build dtb files (bsc#967716).
- powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).
- powerpc: Fix error when cross building TAGS & cscope (bsc#967716).
- powerpc: Make the vdso32 also build big-endian (bsc#967716).
- powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).
- powerpc: Remove buggy 9-year-old test for binutils < 2.12.1 (bsc#967716).
- powerpc: Require gcc 4.0 on 64-bit (bsc#967716).
- ppp: defer netns reference release for ppp channel (bsc#980371).
- qeth: delete napi struct when removing a qeth device (bnc#979915,
LTC#143590).
- qeth: Fix crash on initial MTU size change (bnc#835175, LTC#96809).
- qeth: postpone freeing of qdio memory (bnc#874145, LTC#107873).
- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422).
- Revert "s390/mm: fix asce_bits handling with dynamic pagetable levels"
This reverts commit 6e00b1d803fa2ab4b130e04b7fbcc99f0b5ecba8.
- rpm/config.sh: Set the release string to 0.7.<RELEASE> (bsc#997059).
- rpm/mkspec: Read a default release string from rpm/config.sh (bsc#997059).
- s390/dasd: fix failfast for disconnected devices (bnc#958000,
LTC#135138).
- s390/dasd: fix hanging device after clear subchannel (bnc#994436,
LTC#144640).
- s390/dasd: fix kernel panic when alias is set offline (bnc#940966,
LTC#128595).
- s390/dasd: fix list_del corruption after lcu changes (bnc#954984,
LTC#133077).
- s390/mm: fix asce_bits handling with dynamic pagetable levels
(bnc#979915, LTC#141456). Conflicts: series.conf
- s390/pageattr: do a single TLB flush for change_page_attr
(bsc#1009443, LTC#148182).
- Set CONFIG_DEBUG_INFO=y and CONFIG_DEBUG_INFO_REDUCED=n on all platforms
The specfile adjusts the config if necessary, but a new version of
run_oldconfig.sh requires the settings to be present in the repository.
- usb: fix typo in wMaxPacketSize validation (bsc#991665).
- usb: validate wMaxPacketValue entries in endpoint descriptors
(bnc#991665).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP2-LTSS:
zypper in -t patch slessp2-kernel-12961=1
- SUSE Linux Enterprise Debuginfo 11-SP2:
zypper in -t patch dbgsp2-kernel-12961=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64):
kernel-default-3.0.101-0.7.53.1
kernel-default-base-3.0.101-0.7.53.1
kernel-default-devel-3.0.101-0.7.53.1
kernel-source-3.0.101-0.7.53.1
kernel-syms-3.0.101-0.7.53.1
kernel-trace-3.0.101-0.7.53.1
kernel-trace-base-3.0.101-0.7.53.1
kernel-trace-devel-3.0.101-0.7.53.1
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 x86_64):
kernel-ec2-3.0.101-0.7.53.1
kernel-ec2-base-3.0.101-0.7.53.1
kernel-ec2-devel-3.0.101-0.7.53.1
kernel-xen-3.0.101-0.7.53.1
kernel-xen-base-3.0.101-0.7.53.1
kernel-xen-devel-3.0.101-0.7.53.1
- SUSE Linux Enterprise Server 11-SP2-LTSS (s390x):
kernel-default-man-3.0.101-0.7.53.1
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586):
kernel-pae-3.0.101-0.7.53.1
kernel-pae-base-3.0.101-0.7.53.1
kernel-pae-devel-3.0.101-0.7.53.1
- SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64):
kernel-default-debuginfo-3.0.101-0.7.53.1
kernel-default-debugsource-3.0.101-0.7.53.1
kernel-default-devel-debuginfo-3.0.101-0.7.53.1
kernel-trace-debuginfo-3.0.101-0.7.53.1
kernel-trace-debugsource-3.0.101-0.7.53.1
kernel-trace-devel-debuginfo-3.0.101-0.7.53.1
- SUSE Linux Enterprise Debuginfo 11-SP2 (i586 x86_64):
kernel-ec2-debuginfo-3.0.101-0.7.53.1
kernel-ec2-debugsource-3.0.101-0.7.53.1
kernel-xen-debuginfo-3.0.101-0.7.53.1
kernel-xen-debugsource-3.0.101-0.7.53.1
kernel-xen-devel-debuginfo-3.0.101-0.7.53.1
- SUSE Linux Enterprise Debuginfo 11-SP2 (i586):
kernel-pae-debuginfo-3.0.101-0.7.53.1
kernel-pae-debugsource-3.0.101-0.7.53.1
kernel-pae-devel-debuginfo-3.0.101-0.7.53.1
References:
https://www.suse.com/security/cve/CVE-2004-0230.html
https://www.suse.com/security/cve/CVE-2012-6704.html
https://www.suse.com/security/cve/CVE-2013-4312.html
https://www.suse.com/security/cve/CVE-2015-1350.html
https://www.suse.com/security/cve/CVE-2015-7513.html
https://www.suse.com/security/cve/CVE-2015-7833.html
https://www.suse.com/security/cve/CVE-2015-8956.html
https://www.suse.com/security/cve/CVE-2015-8962.html
https://www.suse.com/security/cve/CVE-2015-8964.html
https://www.suse.com/security/cve/CVE-2016-0823.html
https://www.suse.com/security/cve/CVE-2016-10088.html
https://www.suse.com/security/cve/CVE-2016-1583.html
https://www.suse.com/security/cve/CVE-2016-2187.html
https://www.suse.com/security/cve/CVE-2016-2189.html
https://www.suse.com/security/cve/CVE-2016-3841.html
https://www.suse.com/security/cve/CVE-2016-4470.html
https://www.suse.com/security/cve/CVE-2016-4482.html
https://www.suse.com/security/cve/CVE-2016-4485.html
https://www.suse.com/security/cve/CVE-2016-4565.html
https://www.suse.com/security/cve/CVE-2016-4569.html
https://www.suse.com/security/cve/CVE-2016-4578.html
https://www.suse.com/security/cve/CVE-2016-4580.html
https://www.suse.com/security/cve/CVE-2016-4805.html
https://www.suse.com/security/cve/CVE-2016-4913.html
https://www.suse.com/security/cve/CVE-2016-4997.html
https://www.suse.com/security/cve/CVE-2016-4998.html
https://www.suse.com/security/cve/CVE-2016-5244.html
https://www.suse.com/security/cve/CVE-2016-5829.html
https://www.suse.com/security/cve/CVE-2016-6480.html
https://www.suse.com/security/cve/CVE-2016-6828.html
https://www.suse.com/security/cve/CVE-2016-7042.html
https://www.suse.com/security/cve/CVE-2016-7097.html
https://www.suse.com/security/cve/CVE-2016-7117.html
https://www.suse.com/security/cve/CVE-2016-7425.html
https://www.suse.com/security/cve/CVE-2016-7910.html
https://www.suse.com/security/cve/CVE-2016-7911.html
https://www.suse.com/security/cve/CVE-2016-7916.html
https://www.suse.com/security/cve/CVE-2016-8399.html
https://www.suse.com/security/cve/CVE-2016-8632.html
https://www.suse.com/security/cve/CVE-2016-8633.html
https://www.suse.com/security/cve/CVE-2016-8646.html
https://www.suse.com/security/cve/CVE-2016-9555.html
https://www.suse.com/security/cve/CVE-2016-9685.html
https://www.suse.com/security/cve/CVE-2016-9756.html
https://www.suse.com/security/cve/CVE-2016-9793.html
https://www.suse.com/security/cve/CVE-2017-5551.html
https://bugzilla.suse.com/1003077
https://bugzilla.suse.com/1003925
https://bugzilla.suse.com/1004517
https://bugzilla.suse.com/1007944
https://bugzilla.suse.com/1008645
https://bugzilla.suse.com/1008831
https://bugzilla.suse.com/1008833
https://bugzilla.suse.com/1009443
https://bugzilla.suse.com/1010150
https://bugzilla.suse.com/1010467
https://bugzilla.suse.com/1010501
https://bugzilla.suse.com/1010507
https://bugzilla.suse.com/1010711
https://bugzilla.suse.com/1010716
https://bugzilla.suse.com/1011482
https://bugzilla.suse.com/1011685
https://bugzilla.suse.com/1012422
https://bugzilla.suse.com/1012832
https://bugzilla.suse.com/1013038
https://bugzilla.suse.com/1013531
https://bugzilla.suse.com/1013542
https://bugzilla.suse.com/1014746
https://bugzilla.suse.com/1017710
https://bugzilla.suse.com/1021258
https://bugzilla.suse.com/835175
https://bugzilla.suse.com/839104
https://bugzilla.suse.com/863873
https://bugzilla.suse.com/874145
https://bugzilla.suse.com/896484
https://bugzilla.suse.com/908069
https://bugzilla.suse.com/914939
https://bugzilla.suse.com/922947
https://bugzilla.suse.com/927287
https://bugzilla.suse.com/940966
https://bugzilla.suse.com/950998
https://bugzilla.suse.com/954984
https://bugzilla.suse.com/956514
https://bugzilla.suse.com/958000
https://bugzilla.suse.com/960689
https://bugzilla.suse.com/963053
https://bugzilla.suse.com/967716
https://bugzilla.suse.com/968500
https://bugzilla.suse.com/969340
https://bugzilla.suse.com/971360
https://bugzilla.suse.com/971944
https://bugzilla.suse.com/978401
https://bugzilla.suse.com/978821
https://bugzilla.suse.com/979213
https://bugzilla.suse.com/979274
https://bugzilla.suse.com/979548
https://bugzilla.suse.com/979595
https://bugzilla.suse.com/979879
https://bugzilla.suse.com/979915
https://bugzilla.suse.com/980363
https://bugzilla.suse.com/980371
https://bugzilla.suse.com/980725
https://bugzilla.suse.com/981267
https://bugzilla.suse.com/983143
https://bugzilla.suse.com/983213
https://bugzilla.suse.com/984755
https://bugzilla.suse.com/986362
https://bugzilla.suse.com/986365
https://bugzilla.suse.com/986445
https://bugzilla.suse.com/986572
https://bugzilla.suse.com/989261
https://bugzilla.suse.com/991608
https://bugzilla.suse.com/991665
https://bugzilla.suse.com/992566
https://bugzilla.suse.com/993890
https://bugzilla.suse.com/993891
https://bugzilla.suse.com/994296
https://bugzilla.suse.com/994436
https://bugzilla.suse.com/994618
https://bugzilla.suse.com/994759
https://bugzilla.suse.com/995968
https://bugzilla.suse.com/997059
https://bugzilla.suse.com/999932
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
openSUSE Security Update: Security update for virtualbox
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:0332-1
Rating: important
References: #1020856
Cross-References: CVE-2016-5545 CVE-2017-3290 CVE-2017-3316
CVE-2017-3332
Affected Products:
openSUSE Leap 42.1
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for virtualbox to version 5.0.32 fixes the following issues:
These security issues were fixed:
- CVE-2016-5545: Vulnerability in the GUI subcomponent of virtualbox
allows unauthenticated attacker unauthorized update, insert or delete
access to some data as well as unauthorized read access to a subset of
VirtualBox accessible data and unauthorized ability to cause a partial
denial of service (bsc#1020856).
- CVE-2017-3290: Vulnerability in the Shared Folder subcomponent of
virtualbox allows high privileged attacker unauthorized creation,
deletion or modification access to critical data and unauthorized
ability to cause a hang or frequently repeatable crash (bsc#1020856).
- CVE-2017-3316: Vulnerability in the GUI subcomponent of virtualbox
allows high privileged attacker with network access via multiple
protocols to compromise Oracle VM VirtualBox (bsc#1020856).
- CVE-2017-3332: Vulnerability in the SVGA Emulation subcomponent of
virtualbox allows low privileged attacker unauthorized creation,
deletion or modification access to critical data and unauthorized
ability to cause a hang or frequently repeatable crash (bsc#1020856).
For other changes please read the changelog.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-178=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.1 (x86_64):
python-virtualbox-5.0.32-34.1
python-virtualbox-debuginfo-5.0.32-34.1
virtualbox-5.0.32-34.1
virtualbox-debuginfo-5.0.32-34.1
virtualbox-debugsource-5.0.32-34.1
virtualbox-devel-5.0.32-34.1
virtualbox-guest-kmp-default-5.0.32_k4.1.36_44-34.1
virtualbox-guest-kmp-default-debuginfo-5.0.32_k4.1.36_44-34.1
virtualbox-guest-tools-5.0.32-34.1
virtualbox-guest-tools-debuginfo-5.0.32-34.1
virtualbox-guest-x11-5.0.32-34.1
virtualbox-guest-x11-debuginfo-5.0.32-34.1
virtualbox-host-kmp-default-5.0.32_k4.1.36_44-34.1
virtualbox-host-kmp-default-debuginfo-5.0.32_k4.1.36_44-34.1
virtualbox-qt-5.0.32-34.1
virtualbox-qt-debuginfo-5.0.32-34.1
virtualbox-websrv-5.0.32-34.1
virtualbox-websrv-debuginfo-5.0.32-34.1
- openSUSE Leap 42.1 (noarch):
virtualbox-guest-desktop-icons-5.0.32-34.1
virtualbox-host-source-5.0.32-34.1
References:
https://www.suse.com/security/cve/CVE-2016-5545.html
https://www.suse.com/security/cve/CVE-2017-3290.html
https://www.suse.com/security/cve/CVE-2017-3316.html
https://www.suse.com/security/cve/CVE-2017-3332.html
https://bugzilla.suse.com/1020856
SUSE Security Update: Security update for Linux Kernel Live Patch 4 for SLE 12 SP2
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:0307-1
Rating: important
References: #1019079
Cross-References: CVE-2016-10088
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel fixes one security issue:
- CVE-2016-10088: The sg implementation in the Linux kernel did not
properly restrict write operations in situations where the KERNEL_DS
option is set, which allowed local users to read or write to arbitrary
kernel memory locations or cause a denial of service (use-after-free) by
leveraging access to a /dev/sg device (bsc#1017710).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2017-162=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-4_4_38-93-default-2-2.1
References:
https://www.suse.com/security/cve/CVE-2016-10088.html
https://bugzilla.suse.com/1019079
openSUSE Security Update: Security update for rabbitmq-server
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:0306-1
Rating: important
References: #1017642
Cross-References: CVE-2016-9877
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rabbitmq-server fixes the following issue:
- CVE-2016-9877: An issue in Pivotal RabbitMQ caused connection
authentication with a username/password pair to succeed if an existing
username was provided but the password was omitted from the connection
request. Connections that use TLS with a client-provided certificate
were not affected (bsc#1017642).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-156=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (x86_64):
erlang-rabbitmq-client-3.5.8-3.2
rabbitmq-server-3.5.8-3.2
rabbitmq-server-plugins-3.5.8-3.2
References:
https://www.suse.com/security/cve/CVE-2016-9877.html
https://bugzilla.suse.com/1017642
SUSE Security Update: Security update for gnutls
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:0304-1
Rating: important
References: #1005879 #1018832 #961491
Cross-References: CVE-2016-8610 CVE-2017-5335 CVE-2017-5336
CVE-2017-5337
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise High Availability Extension 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for gnutls fixes the following issues:
- Malformed asn1 definitions could cause a segmentation fault in the asn1
definition parser (bsc#961491).
- CVE-2016-8610: Remote denial of service in SSL alert handling
(bsc#1005879).
- CVE-2017-5335: Decoding a specially crafted OpenPGP certificate could
have led to heap and stack overflows (bsc#1018832).
- CVE-2017-5336: Decoding a specially crafted OpenPGP certificate could
have led to heap and stack overflows (bsc#1018832).
- CVE-2017-5337: Decoding a specially crafted OpenPGP certificate could
have led to heap and stack overflows (bsc#1018832).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-gnutls-12957=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-gnutls-12957=1
- SUSE Linux Enterprise High Availability Extension 11-SP4:
zypper in -t patch slehasp4-gnutls-12957=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-gnutls-12957=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):
libgnutls-devel-2.4.1-24.39.67.1
libgnutls-extra-devel-2.4.1-24.39.67.1
libgnutls-extra26-2.4.1-24.39.67.1
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
gnutls-2.4.1-24.39.67.1
libgnutls-extra26-2.4.1-24.39.67.1
libgnutls26-2.4.1-24.39.67.1
- SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64):
libgnutls26-32bit-2.4.1-24.39.67.1
- SUSE Linux Enterprise Server 11-SP4 (ia64):
libgnutls26-x86-2.4.1-24.39.67.1
- SUSE Linux Enterprise High Availability Extension 11-SP4 (i586 ia64 ppc64 s390x x86_64):
libgnutls-extra26-2.4.1-24.39.67.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
gnutls-debuginfo-2.4.1-24.39.67.1
gnutls-debugsource-2.4.1-24.39.67.1
References:
https://www.suse.com/security/cve/CVE-2016-8610.html
https://www.suse.com/security/cve/CVE-2017-5335.html
https://www.suse.com/security/cve/CVE-2017-5336.html
https://www.suse.com/security/cve/CVE-2017-5337.html
https://bugzilla.suse.com/1005879
https://bugzilla.suse.com/1018832
https://bugzilla.suse.com/961491
SUSE Security Update: Security update for Linux Kernel Live Patch 18 for SLE 12
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:0303-1
Rating: important
References: #1017589
Cross-References: CVE-2016-9806
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 3.12.60-52_63 fixes several issues.
The following security bugs were fixed:
- CVE-2016-9806: Race condition in the netlink_dump function in
net/netlink/af_netlink.c in the Linux kernel allowed local users to
cause a denial of service (double free) or possibly have unspecified
other impact via a crafted application that made sendmsg system calls,
leading to a free operation associated with a new dump that started
earlier than anticipated (bsc#1017589).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server for SAP 12:
zypper in -t patch SUSE-SLE-SAP-12-2017-161=1
- SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2017-161=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server for SAP 12 (x86_64):
kgraft-patch-3_12_60-52_63-default-2-2.1
kgraft-patch-3_12_60-52_63-xen-2-2.1
- SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_60-52_63-default-2-2.1
kgraft-patch-3_12_60-52_63-xen-2-2.1
References:
https://www.suse.com/security/cve/CVE-2016-9806.html
https://bugzilla.suse.com/1017589
openSUSE Security Update: Security update for gstreamer-0_10-plugins-good
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:0298-1
Rating: important
References: #1012102 #1012103 #1012104 #1013653 #1013655
#1013663
Cross-References: CVE-2016-9634 CVE-2016-9635 CVE-2016-9636
CVE-2016-9807 CVE-2016-9808 CVE-2016-9810
Affected Products:
openSUSE Leap 42.1
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for gstreamer-0_10-plugins-good fixes the following issues:
- CVE-2016-9634: Invalid FLIC files could have caused an out-of-bounds
write (bsc#1012102)
- CVE-2016-9635: Invalid FLIC files could have caused an out-of-bounds
write (bsc#1012103)
- CVE-2016-9636: Prevent maliciously crafted flic files from causing
invalid memory writes (bsc#1012104)
- CVE-2016-9807: Prevent the reading of invalid memory in
flx_decode_chunks, leading to DoS (bsc#1013655)
- CVE-2016-9808: Prevent maliciously crafted flic files from causing
invalid memory accesses (bsc#1013653)
- CVE-2016-9810: Invalid files can be used to cause extraneous unreferences,
leading to invalid memory access and DoS (bsc#1013663)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-153=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.1 (i586 x86_64):
gstreamer-0_10-plugin-esd-0.10.31-16.1
gstreamer-0_10-plugin-esd-debuginfo-0.10.31-16.1
gstreamer-0_10-plugins-good-0.10.31-16.1
gstreamer-0_10-plugins-good-debuginfo-0.10.31-16.1
gstreamer-0_10-plugins-good-debugsource-0.10.31-16.1
gstreamer-0_10-plugins-good-doc-0.10.31-16.1
gstreamer-0_10-plugins-good-extra-0.10.31-16.1
gstreamer-0_10-plugins-good-extra-debuginfo-0.10.31-16.1
- openSUSE Leap 42.1 (noarch):
gstreamer-0_10-plugins-good-lang-0.10.31-16.1
- openSUSE Leap 42.1 (x86_64):
gstreamer-0_10-plugin-esd-32bit-0.10.31-16.1
gstreamer-0_10-plugin-esd-debuginfo-32bit-0.10.31-16.1
gstreamer-0_10-plugins-good-32bit-0.10.31-16.1
gstreamer-0_10-plugins-good-debuginfo-32bit-0.10.31-16.1
gstreamer-0_10-plugins-good-extra-32bit-0.10.31-16.1
gstreamer-0_10-plugins-good-extra-debuginfo-32bit-0.10.31-16.1
References:
https://www.suse.com/security/cve/CVE-2016-9634.html
https://www.suse.com/security/cve/CVE-2016-9635.html
https://www.suse.com/security/cve/CVE-2016-9636.html
https://www.suse.com/security/cve/CVE-2016-9807.html
https://www.suse.com/security/cve/CVE-2016-9808.html
https://www.suse.com/security/cve/CVE-2016-9810.html
https://bugzilla.suse.com/1012102
https://bugzilla.suse.com/1012103
https://bugzilla.suse.com/1012104
https://bugzilla.suse.com/1013653
https://bugzilla.suse.com/1013655
https://bugzilla.suse.com/1013663
SUSE Security Update: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:0294-1
Rating: important
References: #1013543 #1013604 #1014271
Cross-References: CVE-2016-9576 CVE-2016-9794
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues.
The following security bugs were fixed:
- CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in
sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed
local users to cause a denial of service (use-after-free) or possibly
have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START
command (bsc#1013543).
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in
the Linux kernel did not properly restrict the type of iterator, which
allowed local users to read or write to arbitrary kernel memory
locations or cause a denial of service (use-after-free) by leveraging
access to a /dev/sg device (bsc#1014271).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2017-155=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-3_12_67-60_64_21-default-2-2.1
kgraft-patch-3_12_67-60_64_21-xen-2-2.1
References:
https://www.suse.com/security/cve/CVE-2016-9576.html
https://www.suse.com/security/cve/CVE-2016-9794.html
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1013604
https://bugzilla.suse.com/1014271
SUSE Security Update: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:0293-1
Rating: important
References: #1013543 #1014271 #1019079
Cross-References: CVE-2016-10088 CVE-2016-9576 CVE-2016-9794
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.21-84 fixes several issues.
The following security bugs were fixed:
- CVE-2016-10088: The sg implementation in the Linux kernel did not
properly restrict write operations in situations where the KERNEL_DS
option is set, which allowed local users to read or write to arbitrary
kernel memory locations or cause a denial of service (use-after-free) by
leveraging access to a /dev/sg device, related to block/bsg.c and
drivers/scsi/sg.c. NOTE: this vulnerability exists because of an
incomplete fix for CVE-2016-9576 (bsc#1019079).
- CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in
sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed
local users to cause a denial of service (use-after-free) or possibly
have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START
command (bsc#1013543).
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in
the Linux kernel before 4.8.14 did not properly restrict the type of
iterator, which allowed local users to read or write to arbitrary kernel
memory locations or cause a denial of service (use-after-free) by
leveraging access to a /dev/sg device (bsc#1014271).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2017-154=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-4_4_21-84-default-2-2.1
References:
https://www.suse.com/security/cve/CVE-2016-10088.html
https://www.suse.com/security/cve/CVE-2016-9576.html
https://www.suse.com/security/cve/CVE-2016-9794.html
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1019079