openSUSE Security Announce November 2017

security-announce@lists.opensuse.org

2 participants
83 discussions

[security-announce] SUSE-SU-2017:3124-1: important: Security update for the Linux Kernel (Live Patch 10 for SLE 12 SP1)
by opensuse-security＠opensuse.org 29 Nov '17

29 Nov '17

SUSE Security Update: Security update for the Linux Kernel (Live Patch 10 for SLE 12 SP1) ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3124-1 Rating: important References: #1063671 #1064392 #1066471 #1066472 Cross-References: CVE-2017-13080 CVE-2017-15649 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP1-LTSS ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bsc#1064392) - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bsc#1063671, bsc#1066472, bsc#1066471) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1937=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1937=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): kgraft-patch-3_12_67-60_64_21-default-11-2.1 kgraft-patch-3_12_67-60_64_21-xen-11-2.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): kgraft-patch-3_12_67-60_64_21-default-11-2.1 kgraft-patch-3_12_67-60_64_21-xen-11-2.1 References: https://www.suse.com/security/cve/CVE-2017-13080.html https://www.suse.com/security/cve/CVE-2017-15649.html https://bugzilla.suse.com/1063671 https://bugzilla.suse.com/1064392 https://bugzilla.suse.com/1066471 https://bugzilla.suse.com/1066472 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:3123-1: important: Security update for the Linux Kernel (Live Patch 24 for SLE 12)
by opensuse-security＠opensuse.org 29 Nov '17

29 Nov '17

SUSE Security Update: Security update for the Linux Kernel (Live Patch 24 for SLE 12) ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3123-1 Rating: important References: #1063671 #1064392 #1066471 #1066472 Cross-References: CVE-2017-13080 CVE-2017-15649 Affected Products: SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.61-52_83 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bsc#1064392) - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bsc#1063671, bsc#1066472, bsc#1066471) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-1942=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_61-52_83-default-4-2.1 kgraft-patch-3_12_61-52_83-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-13080.html https://www.suse.com/security/cve/CVE-2017-15649.html https://bugzilla.suse.com/1063671 https://bugzilla.suse.com/1064392 https://bugzilla.suse.com/1066471 https://bugzilla.suse.com/1066472 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:3122-1: important: Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP2)
by opensuse-security＠opensuse.org 29 Nov '17

29 Nov '17

SUSE Security Update: Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP2) ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3122-1 Rating: important References: #1063671 #1064392 #1066471 #1066472 Cross-References: CVE-2017-13080 CVE-2017-15649 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 4.4.74-92_32 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bsc#1064392) - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bsc#1063671, bsc#1066472, bsc#1066471) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1929=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_74-92_32-default-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-13080.html https://www.suse.com/security/cve/CVE-2017-15649.html https://bugzilla.suse.com/1063671 https://bugzilla.suse.com/1064392 https://bugzilla.suse.com/1066471 https://bugzilla.suse.com/1066472 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:3121-1: important: Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP2)
by opensuse-security＠opensuse.org 29 Nov '17

29 Nov '17

SUSE Security Update: Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP2) ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3121-1 Rating: important References: #1063671 #1064392 #1066471 #1066472 Cross-References: CVE-2017-13080 CVE-2017-15649 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 4.4.59-92_20 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bsc#1064392) - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bsc#1063671, bsc#1066472, bsc#1066471) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1932=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_59-92_20-default-6-2.1 References: https://www.suse.com/security/cve/CVE-2017-13080.html https://www.suse.com/security/cve/CVE-2017-15649.html https://bugzilla.suse.com/1063671 https://bugzilla.suse.com/1064392 https://bugzilla.suse.com/1066471 https://bugzilla.suse.com/1066472 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:3120-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP2)
by opensuse-security＠opensuse.org 29 Nov '17

29 Nov '17

SUSE Security Update: Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP2) ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3120-1 Rating: important References: #1063671 #1064392 #1066471 #1066472 Cross-References: CVE-2017-13080 CVE-2017-15649 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 4.4.74-92_38 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bsc#1064392) - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bsc#1063671, bsc#1066472, bsc#1066471) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1927=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_74-92_38-default-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-13080.html https://www.suse.com/security/cve/CVE-2017-15649.html https://bugzilla.suse.com/1063671 https://bugzilla.suse.com/1064392 https://bugzilla.suse.com/1066471 https://bugzilla.suse.com/1066472 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:3119-1: important: Security update for the Linux Kernel (Live Patch 26 for SLE 12)
by opensuse-security＠opensuse.org 29 Nov '17

29 Nov '17

SUSE Security Update: Security update for the Linux Kernel (Live Patch 26 for SLE 12) ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3119-1 Rating: important References: #1063671 #1064392 #1066471 #1066472 Cross-References: CVE-2017-13080 CVE-2017-15649 Affected Products: SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.61-52_89 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bsc#1064392) - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bsc#1063671, bsc#1066472, bsc#1066471) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-1940=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_61-52_89-default-4-2.1 kgraft-patch-3_12_61-52_89-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-13080.html https://www.suse.com/security/cve/CVE-2017-15649.html https://bugzilla.suse.com/1063671 https://bugzilla.suse.com/1064392 https://bugzilla.suse.com/1066471 https://bugzilla.suse.com/1066472 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:3118-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP1)
by opensuse-security＠opensuse.org 29 Nov '17

29 Nov '17

SUSE Security Update: Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP1) ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3118-1 Rating: important References: #1063671 #1064392 #1066471 #1066472 Cross-References: CVE-2017-13080 CVE-2017-15649 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP1-LTSS ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.69-60_64_32 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bsc#1064392) - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bsc#1063671, bsc#1066472, bsc#1066471) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1935=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1935=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): kgraft-patch-3_12_69-60_64_32-default-8-2.1 kgraft-patch-3_12_69-60_64_32-xen-8-2.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): kgraft-patch-3_12_69-60_64_32-default-8-2.1 kgraft-patch-3_12_69-60_64_32-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2017-13080.html https://www.suse.com/security/cve/CVE-2017-15649.html https://bugzilla.suse.com/1063671 https://bugzilla.suse.com/1064392 https://bugzilla.suse.com/1066471 https://bugzilla.suse.com/1066472 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:3117-1: important: Security update for the Linux Kernel (Live Patch 17 for SLE 12)
by opensuse-security＠opensuse.org 29 Nov '17

29 Nov '17

SUSE Security Update: Security update for the Linux Kernel (Live Patch 17 for SLE 12) ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3117-1 Rating: important References: #1063671 #1064392 #1066471 #1066472 Cross-References: CVE-2017-13080 CVE-2017-15649 Affected Products: SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.60-52_60 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bsc#1064392) - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bsc#1063671, bsc#1066472, bsc#1066471) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-1943=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_60-default-10-2.1 kgraft-patch-3_12_60-52_60-xen-10-2.1 References: https://www.suse.com/security/cve/CVE-2017-13080.html https://www.suse.com/security/cve/CVE-2017-15649.html https://bugzilla.suse.com/1063671 https://bugzilla.suse.com/1064392 https://bugzilla.suse.com/1066471 https://bugzilla.suse.com/1066472 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:3116-1: important: Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP2)
by opensuse-security＠opensuse.org 29 Nov '17

29 Nov '17

SUSE Security Update: Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP2) ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3116-1 Rating: important References: #1063671 #1064392 #1066471 #1066472 Cross-References: CVE-2017-13080 CVE-2017-15649 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 4.4.59-92_24 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bsc#1064392) - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bsc#1063671, bsc#1066472, bsc#1066471) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1931=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_59-92_24-default-5-2.1 References: https://www.suse.com/security/cve/CVE-2017-13080.html https://www.suse.com/security/cve/CVE-2017-15649.html https://bugzilla.suse.com/1063671 https://bugzilla.suse.com/1064392 https://bugzilla.suse.com/1066471 https://bugzilla.suse.com/1066472 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:3115-1: important: Security update for xen
by opensuse-security＠opensuse.org 29 Nov '17

29 Nov '17

SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3115-1 Rating: important References: #1027519 #1055047 #1061075 #1063123 #1068187 #1068191 Cross-References: CVE-2017-15289 CVE-2017-15597 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 SUSE Container as a Service Platform ALL ______________________________________________________________________________ An update that solves two vulnerabilities and has four fixes is now available. Description: This update for xen to version 4.9.1 (bsc#1027519) fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD) code allowed for DoS (XSA-246) - bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests to retain a writable mapping of freed memory leading to information leaks, privilege escalation or DoS (XSA-247). - CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation (bsc#1063123) - CVE-2017-15597: A grant copy operation being done on a grant of a dying domain allowed a malicious guest administrator to corrupt hypervisor memory, allowing for DoS or potentially privilege escalation and information leaks (bsc#1061075). This non-security issue was fixed: - bsc#1055047: Fixed --initrd-inject option in virt-install Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1926=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1926=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1926=1 - SUSE Container as a Service Platform ALL: zypper in -t patch SUSE-CAASP-ALL-2017-1926=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 x86_64): xen-debugsource-4.9.1_02-3.21.1 xen-devel-4.9.1_02-3.21.1 - SUSE Linux Enterprise Server 12-SP3 (x86_64): xen-4.9.1_02-3.21.1 xen-debugsource-4.9.1_02-3.21.1 xen-doc-html-4.9.1_02-3.21.1 xen-libs-32bit-4.9.1_02-3.21.1 xen-libs-4.9.1_02-3.21.1 xen-libs-debuginfo-32bit-4.9.1_02-3.21.1 xen-libs-debuginfo-4.9.1_02-3.21.1 xen-tools-4.9.1_02-3.21.1 xen-tools-debuginfo-4.9.1_02-3.21.1 xen-tools-domU-4.9.1_02-3.21.1 xen-tools-domU-debuginfo-4.9.1_02-3.21.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): xen-4.9.1_02-3.21.1 xen-debugsource-4.9.1_02-3.21.1 xen-libs-32bit-4.9.1_02-3.21.1 xen-libs-4.9.1_02-3.21.1 xen-libs-debuginfo-32bit-4.9.1_02-3.21.1 xen-libs-debuginfo-4.9.1_02-3.21.1 - SUSE Container as a Service Platform ALL (x86_64): xen-debugsource-4.9.1_02-3.21.1 xen-libs-4.9.1_02-3.21.1 xen-libs-debuginfo-4.9.1_02-3.21.1 xen-tools-domU-4.9.1_02-3.21.1 xen-tools-domU-debuginfo-4.9.1_02-3.21.1 References: https://www.suse.com/security/cve/CVE-2017-15289.html https://www.suse.com/security/cve/CVE-2017-15597.html https://bugzilla.suse.com/1027519 https://bugzilla.suse.com/1055047 https://bugzilla.suse.com/1061075 https://bugzilla.suse.com/1063123 https://bugzilla.suse.com/1068187 https://bugzilla.suse.com/1068191 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

← Newer
1
2
3
4
5
6
7
8
9
Older →

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

openSUSE Security Announce November 2017