openSUSE Security Announce
September 2017
- 1 participants
- 85 discussions
[security-announce] SUSE-SU-2017:2416-1: important: Security update for qemu
by opensuse-security@opensuse.org 11 Sep '17
SUSE Security Update: Security update for qemu
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:2416-1
Rating: important
References: #1011144 #1031692 #1046636 #1047674 #1048296
#1048902 #1049381 #1050268
Cross-References: CVE-2017-10664 CVE-2017-10806 CVE-2017-11334
CVE-2017-11434
Affected Products:
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Desktop 12-SP3
______________________________________________________________________________
An update that solves four vulnerabilities and has four
fixes is now available.
Description:
This update for qemu fixes the following issues:
Security issues fixed:
* CVE-2017-10664: Fix DOS vulnerability in qemu-nbd (bsc#1046636)
* CVE-2017-10806: Fix DOS from stack overflow in debug messages of usb
redirection support (bsc#1047674)
* CVE-2017-11334: Fix OOB access during DMA operation (bsc#1048902)
* CVE-2017-11434: Fix OOB access parsing dhcp slirp options (bsc#1049381)
Following non-security issues were fixed:
- Postrequire acl for setfacl
- Prerequire shadow for groupadd
- The recent security fix for CVE-2017-11334 adversely affects Xen.
Include two additional patches to make sure Xen is going to be OK.
- Pre-add group kvm for qemu-tools (bsc#1011144)
- Fixed a few more inaccuracies in the support docs.
- Fix support docs to indicate ARM64 is now fully L3 supported in SLES 12
SP3. Apply a few additional clarifications in the support docs.
(bsc#1050268)
- Adjust to libvdeplug-devel package naming changes.
- Fix migration with xhci (bsc#1048296)
- Increase VNC delay to fix missing keyboard input events (bsc#1031692)
- Remove build dependency package iasl used for seabios
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1490=1
- SUSE Linux Enterprise Desktop 12-SP3:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1490=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
qemu-2.9.0-6.3.1
qemu-block-curl-2.9.0-6.3.1
qemu-block-curl-debuginfo-2.9.0-6.3.1
qemu-block-ssh-2.9.0-6.3.1
qemu-block-ssh-debuginfo-2.9.0-6.3.1
qemu-debugsource-2.9.0-6.3.1
qemu-guest-agent-2.9.0-6.3.1
qemu-guest-agent-debuginfo-2.9.0-6.3.1
qemu-lang-2.9.0-6.3.1
qemu-tools-2.9.0-6.3.1
qemu-tools-debuginfo-2.9.0-6.3.1
- SUSE Linux Enterprise Server 12-SP3 (aarch64 x86_64):
qemu-block-rbd-2.9.0-6.3.1
qemu-block-rbd-debuginfo-2.9.0-6.3.1
- SUSE Linux Enterprise Server 12-SP3 (s390x x86_64):
qemu-kvm-2.9.0-6.3.1
- SUSE Linux Enterprise Server 12-SP3 (aarch64):
qemu-arm-2.9.0-6.3.1
qemu-arm-debuginfo-2.9.0-6.3.1
- SUSE Linux Enterprise Server 12-SP3 (ppc64le):
qemu-ppc-2.9.0-6.3.1
qemu-ppc-debuginfo-2.9.0-6.3.1
- SUSE Linux Enterprise Server 12-SP3 (x86_64):
qemu-x86-2.9.0-6.3.1
- SUSE Linux Enterprise Server 12-SP3 (noarch):
qemu-ipxe-1.0.0-6.3.1
qemu-seabios-1.10.2-6.3.1
qemu-sgabios-8-6.3.1
qemu-vgabios-1.10.2-6.3.1
- SUSE Linux Enterprise Server 12-SP3 (s390x):
qemu-s390-2.9.0-6.3.1
qemu-s390-debuginfo-2.9.0-6.3.1
- SUSE Linux Enterprise Desktop 12-SP3 (noarch):
qemu-ipxe-1.0.0-6.3.1
qemu-seabios-1.10.2-6.3.1
qemu-sgabios-8-6.3.1
qemu-vgabios-1.10.2-6.3.1
- SUSE Linux Enterprise Desktop 12-SP3 (x86_64):
qemu-2.9.0-6.3.1
qemu-block-curl-2.9.0-6.3.1
qemu-block-curl-debuginfo-2.9.0-6.3.1
qemu-debugsource-2.9.0-6.3.1
qemu-kvm-2.9.0-6.3.1
qemu-tools-2.9.0-6.3.1
qemu-tools-debuginfo-2.9.0-6.3.1
qemu-x86-2.9.0-6.3.1
References:
https://www.suse.com/security/cve/CVE-2017-10664.html
https://www.suse.com/security/cve/CVE-2017-10806.html
https://www.suse.com/security/cve/CVE-2017-11334.html
https://www.suse.com/security/cve/CVE-2017-11434.html
https://bugzilla.suse.com/1011144
https://bugzilla.suse.com/1031692
https://bugzilla.suse.com/1046636
https://bugzilla.suse.com/1047674
https://bugzilla.suse.com/1048296
https://bugzilla.suse.com/1048902
https://bugzilla.suse.com/1049381
https://bugzilla.suse.com/1050268
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
[security-announce] openSUSE-SU-2017:2398-1: important: Security update for xen
by opensuse-security@opensuse.org 08 Sep '17
openSUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:2398-1
Rating: important
References: #1002573 #1026236 #1035231 #1037840 #1046637
#1049578 #1051787 #1051788 #1051789 #1052686
#1055695
Cross-References: CVE-2016-9603 CVE-2017-10664 CVE-2017-11434
CVE-2017-12135 CVE-2017-12136 CVE-2017-12137
CVE-2017-12855
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________
An update that solves 7 vulnerabilities and has four fixes
is now available.
Description:
This update for xen to version 4.7.3 fixes several issues.
These security issues were fixed:
- CVE-2017-12135: Unbounded recursion in grant table code allowed a
malicious guest to crash the host or potentially escalate
privileges/leak information (XSA-226, bsc#1051787).
- CVE-2017-12137: Incorrectly-aligned updates to pagetables allowed for
privilege escalation (XSA-227, bsc#1051788).
- CVE-2017-12136: Race conditions with maptrack free list handling allows
a malicious guest administrator to crash the host or escalate their
privilege to that of the host (XSA-228, bsc#1051789).
- CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local
guest OS users to cause a denial of service (out-of-bounds read) via a
crafted DHCP options string (bsc#1049578).
- CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote
attackers to cause a denial of service (daemon crash) by disconnecting
during a server-to-client reply attempt (bsc#1046637).
- CVE-2017-12855: Premature clearing of GTF_writing / GTF_reading led to
potentially leaking sensitive information (XSA-230 CVE-2017-12855).
These non-security issues were fixed:
- bsc#1055695: XEN: 11SP4 and 12SP3 HVM guests can not be restored after
the save using xl stack
- bsc#1035231: Migration of HVM domU did not use superpages on destination
dom0
- bsc#1002573: Optimized LVM functions in block-dmmd block-dmmd
- bsc#1037840: Xen-detect always showed HVM for PV guests
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-1022=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (i586 x86_64):
xen-debugsource-4.7.3_03-11.12.1
xen-devel-4.7.3_03-11.12.1
xen-libs-4.7.3_03-11.12.1
xen-libs-debuginfo-4.7.3_03-11.12.1
xen-tools-domU-4.7.3_03-11.12.1
xen-tools-domU-debuginfo-4.7.3_03-11.12.1
- openSUSE Leap 42.2 (x86_64):
xen-4.7.3_03-11.12.1
xen-doc-html-4.7.3_03-11.12.1
xen-libs-32bit-4.7.3_03-11.12.1
xen-libs-debuginfo-32bit-4.7.3_03-11.12.1
xen-tools-4.7.3_03-11.12.1
xen-tools-debuginfo-4.7.3_03-11.12.1
References:
https://www.suse.com/security/cve/CVE-2016-9603.html
https://www.suse.com/security/cve/CVE-2017-10664.html
https://www.suse.com/security/cve/CVE-2017-11434.html
https://www.suse.com/security/cve/CVE-2017-12135.html
https://www.suse.com/security/cve/CVE-2017-12136.html
https://www.suse.com/security/cve/CVE-2017-12137.html
https://www.suse.com/security/cve/CVE-2017-12855.html
https://bugzilla.suse.com/1002573
https://bugzilla.suse.com/1026236
https://bugzilla.suse.com/1035231
https://bugzilla.suse.com/1037840
https://bugzilla.suse.com/1046637
https://bugzilla.suse.com/1049578
https://bugzilla.suse.com/1051787
https://bugzilla.suse.com/1051788
https://bugzilla.suse.com/1051789
https://bugzilla.suse.com/1052686
https://bugzilla.suse.com/1055695
[security-announce] openSUSE-SU-2017:2394-1: important: Security update for xen
by opensuse-security@opensuse.org 08 Sep '17
openSUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:2394-1
Rating: important
References: #1002573 #1026236 #1027519 #1035231 #1046637
#1049578 #1051787 #1051788 #1051789 #1052686
#1055695
Cross-References: CVE-2017-10664 CVE-2017-11434 CVE-2017-12135
CVE-2017-12136 CVE-2017-12137 CVE-2017-12855
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that solves 6 vulnerabilities and has 5 fixes is
now available.
Description:
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-12135: Unbounded recursion in grant table code allowed a
malicious guest to crash the host or potentially escalate
privileges/leak information (XSA-226, bsc#1051787).
- CVE-2017-12137: Incorrectly-aligned updates to pagetables allowed for
privilege escalation (XSA-227, bsc#1051788).
- CVE-2017-12136: Race conditions with maptrack free list handling allows
a malicious guest administrator to crash the host or escalate their
privilege to that of the host (XSA-228, bsc#1051789).
- CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local
guest OS users to cause a denial of service (out-of-bounds read) via a
crafted DHCP options string (bsc#1049578).
- CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote
attackers to cause a denial of service (daemon crash) by disconnecting
during a server-to-client reply attempt (bsc#1046637).
- CVE-2017-12855: Premature clearing of GTF_writing / GTF_reading led to
potentially leaking sensitive information (XSA-230 bsc#1052686).
These non-security issues were fixed:
- bsc#1055695: XEN: 11SP4 and 12SP3 HVM guests can not be restored after
the save using xl stack
- bsc#1035231: Migration of HVM domU did not use superpages on destination
dom0
- bsc#1002573: Optimized LVM functions in block-dmmd block-dmmd
This update was imported from the SUSE:SLE-12-SP3:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-1023=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (x86_64):
xen-4.9.0_11-4.1
xen-debugsource-4.9.0_11-4.1
xen-devel-4.9.0_11-4.1
xen-doc-html-4.9.0_11-4.1
xen-libs-4.9.0_11-4.1
xen-libs-debuginfo-4.9.0_11-4.1
xen-tools-4.9.0_11-4.1
xen-tools-debuginfo-4.9.0_11-4.1
xen-tools-domU-4.9.0_11-4.1
xen-tools-domU-debuginfo-4.9.0_11-4.1
References:
https://www.suse.com/security/cve/CVE-2017-10664.html
https://www.suse.com/security/cve/CVE-2017-11434.html
https://www.suse.com/security/cve/CVE-2017-12135.html
https://www.suse.com/security/cve/CVE-2017-12136.html
https://www.suse.com/security/cve/CVE-2017-12137.html
https://www.suse.com/security/cve/CVE-2017-12855.html
https://bugzilla.suse.com/1002573
https://bugzilla.suse.com/1026236
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1035231
https://bugzilla.suse.com/1046637
https://bugzilla.suse.com/1049578
https://bugzilla.suse.com/1051787
https://bugzilla.suse.com/1051788
https://bugzilla.suse.com/1051789
https://bugzilla.suse.com/1052686
https://bugzilla.suse.com/1055695
[security-announce] openSUSE-SU-2017:2393-1: important: Security update for gdk-pixbuf
by opensuse-security@opensuse.org 08 Sep '17
openSUSE Security Update: Security update for gdk-pixbuf
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:2393-1
Rating: important
References: #1027024 #1027025 #1027026 #1048289 #1048544
#1049877
Cross-References: CVE-2017-2862 CVE-2017-2870 CVE-2017-6312
CVE-2017-6313 CVE-2017-6314
Affected Products:
openSUSE Leap 42.3
openSUSE Leap 42.2
______________________________________________________________________________
An update that solves 5 vulnerabilities and has one errata
is now available.
Description:
This update for gdk-pixbuf fixes the following issues:
- CVE-2017-2862: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution
Vulnerability (bsc#1048289)
- CVE-2017-2870: tiff_image_parse Code Execution Vulnerability
(bsc#1048544)
- CVE-2017-6313: A dangerous integer underflow in io-icns.c (bsc#1027024)
- CVE-2017-6314: Infinite loop in io-tiff.c (bsc#1027025)
- CVE-2017-6312: Out-of-bounds read on io-ico.c (bsc#1027026)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-1024=1
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-1024=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (i586 x86_64):
gdk-pixbuf-debugsource-2.34.0-10.1
gdk-pixbuf-devel-2.34.0-10.1
gdk-pixbuf-devel-debuginfo-2.34.0-10.1
gdk-pixbuf-query-loaders-2.34.0-10.1
gdk-pixbuf-query-loaders-debuginfo-2.34.0-10.1
libgdk_pixbuf-2_0-0-2.34.0-10.1
libgdk_pixbuf-2_0-0-debuginfo-2.34.0-10.1
typelib-1_0-GdkPixbuf-2_0-2.34.0-10.1
- openSUSE Leap 42.3 (noarch):
gdk-pixbuf-lang-2.34.0-10.1
- openSUSE Leap 42.3 (x86_64):
gdk-pixbuf-devel-32bit-2.34.0-10.1
gdk-pixbuf-devel-debuginfo-32bit-2.34.0-10.1
gdk-pixbuf-query-loaders-32bit-2.34.0-10.1
gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-10.1
libgdk_pixbuf-2_0-0-32bit-2.34.0-10.1
libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-10.1
- openSUSE Leap 42.2 (i586 x86_64):
gdk-pixbuf-debugsource-2.34.0-7.3.1
gdk-pixbuf-devel-2.34.0-7.3.1
gdk-pixbuf-devel-debuginfo-2.34.0-7.3.1
gdk-pixbuf-query-loaders-2.34.0-7.3.1
gdk-pixbuf-query-loaders-debuginfo-2.34.0-7.3.1
libgdk_pixbuf-2_0-0-2.34.0-7.3.1
libgdk_pixbuf-2_0-0-debuginfo-2.34.0-7.3.1
typelib-1_0-GdkPixbuf-2_0-2.34.0-7.3.1
- openSUSE Leap 42.2 (noarch):
gdk-pixbuf-lang-2.34.0-7.3.1
- openSUSE Leap 42.2 (x86_64):
gdk-pixbuf-devel-32bit-2.34.0-7.3.1
gdk-pixbuf-devel-debuginfo-32bit-2.34.0-7.3.1
gdk-pixbuf-query-loaders-32bit-2.34.0-7.3.1
gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-7.3.1
libgdk_pixbuf-2_0-0-32bit-2.34.0-7.3.1
libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-7.3.1
References:
https://www.suse.com/security/cve/CVE-2017-2862.html
https://www.suse.com/security/cve/CVE-2017-2870.html
https://www.suse.com/security/cve/CVE-2017-6312.html
https://www.suse.com/security/cve/CVE-2017-6313.html
https://www.suse.com/security/cve/CVE-2017-6314.html
https://bugzilla.suse.com/1027024
https://bugzilla.suse.com/1027025
https://bugzilla.suse.com/1027026
https://bugzilla.suse.com/1048289
https://bugzilla.suse.com/1048544
https://bugzilla.suse.com/1049877
[security-announce] openSUSE-SU-2017:2392-1: important: Security update for postgresql94
by opensuse-security@opensuse.org 08 Sep '17
openSUSE Security Update: Security update for postgresql94
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:2392-1
Rating: important
References: #1051684 #1051685 #1053259
Cross-References: CVE-2017-7546 CVE-2017-7547 CVE-2017-7548
Affected Products:
openSUSE Leap 42.3
openSUSE Leap 42.2
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for postgresql94 fixes the following issues:
* CVE-2017-7547: Further restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as user mapping
options. (bsc#1051685)
* CVE-2017-7546: Disallow empty passwords in all password-based
authentication methods. (bsc#1051684)
* CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259)
This update was imported from the SUSE:SLE-12:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-1020=1
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-1020=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (i586 x86_64):
postgresql94-9.4.13-12.1
postgresql94-contrib-9.4.13-12.1
postgresql94-contrib-debuginfo-9.4.13-12.1
postgresql94-debuginfo-9.4.13-12.1
postgresql94-debugsource-9.4.13-12.1
postgresql94-devel-9.4.13-12.1
postgresql94-devel-debuginfo-9.4.13-12.1
postgresql94-libs-debugsource-9.4.13-12.1
postgresql94-plperl-9.4.13-12.1
postgresql94-plperl-debuginfo-9.4.13-12.1
postgresql94-plpython-9.4.13-12.1
postgresql94-plpython-debuginfo-9.4.13-12.1
postgresql94-pltcl-9.4.13-12.1
postgresql94-pltcl-debuginfo-9.4.13-12.1
postgresql94-server-9.4.13-12.1
postgresql94-server-debuginfo-9.4.13-12.1
postgresql94-test-9.4.13-12.1
- openSUSE Leap 42.3 (noarch):
postgresql94-docs-9.4.13-12.1
- openSUSE Leap 42.2 (i586 x86_64):
postgresql94-9.4.13-9.9.1
postgresql94-contrib-9.4.13-9.9.1
postgresql94-contrib-debuginfo-9.4.13-9.9.1
postgresql94-debuginfo-9.4.13-9.9.1
postgresql94-debugsource-9.4.13-9.9.1
postgresql94-devel-9.4.13-9.9.1
postgresql94-devel-debuginfo-9.4.13-9.9.1
postgresql94-libs-debugsource-9.4.13-9.9.1
postgresql94-plperl-9.4.13-9.9.1
postgresql94-plperl-debuginfo-9.4.13-9.9.1
postgresql94-plpython-9.4.13-9.9.1
postgresql94-plpython-debuginfo-9.4.13-9.9.1
postgresql94-pltcl-9.4.13-9.9.1
postgresql94-pltcl-debuginfo-9.4.13-9.9.1
postgresql94-server-9.4.13-9.9.1
postgresql94-server-debuginfo-9.4.13-9.9.1
postgresql94-test-9.4.13-9.9.1
- openSUSE Leap 42.2 (noarch):
postgresql94-docs-9.4.13-9.9.1
References:
https://www.suse.com/security/cve/CVE-2017-7546.html
https://www.suse.com/security/cve/CVE-2017-7547.html
https://www.suse.com/security/cve/CVE-2017-7548.html
https://bugzilla.suse.com/1051684
https://bugzilla.suse.com/1051685
https://bugzilla.suse.com/1053259
[security-announce] openSUSE-SU-2017:2391-1: important: Security update for postgresql96
by opensuse-security@opensuse.org 08 Sep '17
openSUSE Security Update: Security update for postgresql96
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:2391-1
Rating: important
References: #1051684 #1051685 #1053259
Cross-References: CVE-2017-7546 CVE-2017-7547 CVE-2017-7548
Affected Products:
openSUSE Leap 42.3
openSUSE Leap 42.2
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for postgresql96 fixes the following issues:
* CVE-2017-7547: Further restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as user mapping
options. (bsc#1051685)
* CVE-2017-7546: Disallow empty passwords in all password-based
authentication methods. (bsc#1051684)
* CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259)
The changelog for this release is here:
https://www.postgresql.org/docs/9.6/static/release-9-6-4.html
This update was imported from the SUSE:SLE-12:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-1021=1
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-1021=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (i586 x86_64):
libecpg6-9.6.4-6.1
libecpg6-debuginfo-9.6.4-6.1
libpq5-9.6.4-6.1
libpq5-debuginfo-9.6.4-6.1
postgresql96-9.6.4-6.1
postgresql96-contrib-9.6.4-6.1
postgresql96-contrib-debuginfo-9.6.4-6.1
postgresql96-debuginfo-9.6.4-6.1
postgresql96-debugsource-9.6.4-6.1
postgresql96-devel-9.6.4-6.1
postgresql96-devel-debuginfo-9.6.4-6.1
postgresql96-libs-debugsource-9.6.4-6.1
postgresql96-plperl-9.6.4-6.1
postgresql96-plperl-debuginfo-9.6.4-6.1
postgresql96-plpython-9.6.4-6.1
postgresql96-plpython-debuginfo-9.6.4-6.1
postgresql96-pltcl-9.6.4-6.1
postgresql96-pltcl-debuginfo-9.6.4-6.1
postgresql96-server-9.6.4-6.1
postgresql96-server-debuginfo-9.6.4-6.1
postgresql96-test-9.6.4-6.1
- openSUSE Leap 42.3 (noarch):
postgresql96-docs-9.6.4-6.1
- openSUSE Leap 42.3 (x86_64):
libecpg6-32bit-9.6.4-6.1
libecpg6-debuginfo-32bit-9.6.4-6.1
libpq5-32bit-9.6.4-6.1
libpq5-debuginfo-32bit-9.6.4-6.1
- openSUSE Leap 42.2 (i586 x86_64):
libecpg6-9.6.4-5.1
libecpg6-debuginfo-9.6.4-5.1
libpq5-9.6.4-5.1
libpq5-debuginfo-9.6.4-5.1
postgresql96-9.6.4-5.1
postgresql96-contrib-9.6.4-5.1
postgresql96-contrib-debuginfo-9.6.4-5.1
postgresql96-debuginfo-9.6.4-5.1
postgresql96-debugsource-9.6.4-5.1
postgresql96-devel-9.6.4-5.1
postgresql96-devel-debuginfo-9.6.4-5.1
postgresql96-libs-debugsource-9.6.4-5.1
postgresql96-plperl-9.6.4-5.1
postgresql96-plperl-debuginfo-9.6.4-5.1
postgresql96-plpython-9.6.4-5.1
postgresql96-plpython-debuginfo-9.6.4-5.1
postgresql96-pltcl-9.6.4-5.1
postgresql96-pltcl-debuginfo-9.6.4-5.1
postgresql96-server-9.6.4-5.1
postgresql96-server-debuginfo-9.6.4-5.1
postgresql96-test-9.6.4-5.1
- openSUSE Leap 42.2 (x86_64):
libecpg6-32bit-9.6.4-5.1
libecpg6-debuginfo-32bit-9.6.4-5.1
libpq5-32bit-9.6.4-5.1
libpq5-debuginfo-32bit-9.6.4-5.1
- openSUSE Leap 42.2 (noarch):
postgresql96-docs-9.6.4-5.1
References:
https://www.suse.com/security/cve/CVE-2017-7546.html
https://www.suse.com/security/cve/CVE-2017-7547.html
https://www.suse.com/security/cve/CVE-2017-7548.html
https://bugzilla.suse.com/1051684
https://bugzilla.suse.com/1051685
https://bugzilla.suse.com/1053259
[security-announce] SUSE-SU-2017:2390-1: important: Security update for evince
by opensuse-security@opensuse.org 08 Sep '17
SUSE Security Update: Security update for evince
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:2390-1
Rating: important
References: #1046856
Cross-References: CVE-2017-1000083
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP3
SUSE Linux Enterprise Workstation Extension 12-SP2
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Desktop 12-SP3
SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for evince fixes the following issue:
- CVE-2017-1000083: Remote attackers could have used the comicbook mode of
evince to inject shell code (bsc#1046856).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP3:
zypper in -t patch SUSE-SLE-WE-12-SP3-2017-1479=1
- SUSE Linux Enterprise Workstation Extension 12-SP2:
zypper in -t patch SUSE-SLE-WE-12-SP2-2017-1479=1
- SUSE Linux Enterprise Software Development Kit 12-SP3:
zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1479=1
- SUSE Linux Enterprise Software Development Kit 12-SP2:
zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1479=1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1479=1
- SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1479=1
- SUSE Linux Enterprise Server 12-SP2:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1479=1
- SUSE Linux Enterprise Desktop 12-SP3:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1479=1
- SUSE Linux Enterprise Desktop 12-SP2:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1479=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):
evince-debuginfo-3.20.1-6.16.1
evince-debugsource-3.20.1-6.16.1
typelib-1_0-EvinceDocument-3_0-3.20.1-6.16.1
typelib-1_0-EvinceView-3_0-3.20.1-6.16.1
- SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64):
evince-debuginfo-3.20.1-6.16.1
evince-debugsource-3.20.1-6.16.1
typelib-1_0-EvinceDocument-3_0-3.20.1-6.16.1
typelib-1_0-EvinceView-3_0-3.20.1-6.16.1
- SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):
evince-debuginfo-3.20.1-6.16.1
evince-debugsource-3.20.1-6.16.1
evince-devel-3.20.1-6.16.1
typelib-1_0-EvinceDocument-3_0-3.20.1-6.16.1
typelib-1_0-EvinceView-3_0-3.20.1-6.16.1
- SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):
evince-debuginfo-3.20.1-6.16.1
evince-debugsource-3.20.1-6.16.1
evince-devel-3.20.1-6.16.1
typelib-1_0-EvinceDocument-3_0-3.20.1-6.16.1
typelib-1_0-EvinceView-3_0-3.20.1-6.16.1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
evince-3.20.1-6.16.1
evince-browser-plugin-3.20.1-6.16.1
evince-browser-plugin-debuginfo-3.20.1-6.16.1
evince-debuginfo-3.20.1-6.16.1
evince-debugsource-3.20.1-6.16.1
evince-plugin-djvudocument-3.20.1-6.16.1
evince-plugin-djvudocument-debuginfo-3.20.1-6.16.1
evince-plugin-dvidocument-3.20.1-6.16.1
evince-plugin-dvidocument-debuginfo-3.20.1-6.16.1
evince-plugin-pdfdocument-3.20.1-6.16.1
evince-plugin-pdfdocument-debuginfo-3.20.1-6.16.1
evince-plugin-psdocument-3.20.1-6.16.1
evince-plugin-psdocument-debuginfo-3.20.1-6.16.1
evince-plugin-tiffdocument-3.20.1-6.16.1
evince-plugin-tiffdocument-debuginfo-3.20.1-6.16.1
evince-plugin-xpsdocument-3.20.1-6.16.1
evince-plugin-xpsdocument-debuginfo-3.20.1-6.16.1
libevdocument3-4-3.20.1-6.16.1
libevdocument3-4-debuginfo-3.20.1-6.16.1
libevview3-3-3.20.1-6.16.1
libevview3-3-debuginfo-3.20.1-6.16.1
nautilus-evince-3.20.1-6.16.1
nautilus-evince-debuginfo-3.20.1-6.16.1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch):
evince-lang-3.20.1-6.16.1
- SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
evince-3.20.1-6.16.1
evince-browser-plugin-3.20.1-6.16.1
evince-browser-plugin-debuginfo-3.20.1-6.16.1
evince-debuginfo-3.20.1-6.16.1
evince-debugsource-3.20.1-6.16.1
evince-plugin-djvudocument-3.20.1-6.16.1
evince-plugin-djvudocument-debuginfo-3.20.1-6.16.1
evince-plugin-dvidocument-3.20.1-6.16.1
evince-plugin-dvidocument-debuginfo-3.20.1-6.16.1
evince-plugin-pdfdocument-3.20.1-6.16.1
evince-plugin-pdfdocument-debuginfo-3.20.1-6.16.1
evince-plugin-psdocument-3.20.1-6.16.1
evince-plugin-psdocument-debuginfo-3.20.1-6.16.1
evince-plugin-tiffdocument-3.20.1-6.16.1
evince-plugin-tiffdocument-debuginfo-3.20.1-6.16.1
evince-plugin-xpsdocument-3.20.1-6.16.1
evince-plugin-xpsdocument-debuginfo-3.20.1-6.16.1
libevdocument3-4-3.20.1-6.16.1
libevdocument3-4-debuginfo-3.20.1-6.16.1
libevview3-3-3.20.1-6.16.1
libevview3-3-debuginfo-3.20.1-6.16.1
nautilus-evince-3.20.1-6.16.1
nautilus-evince-debuginfo-3.20.1-6.16.1
- SUSE Linux Enterprise Server 12-SP3 (noarch):
evince-lang-3.20.1-6.16.1
- SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):
evince-3.20.1-6.16.1
evince-browser-plugin-3.20.1-6.16.1
evince-browser-plugin-debuginfo-3.20.1-6.16.1
evince-debuginfo-3.20.1-6.16.1
evince-debugsource-3.20.1-6.16.1
evince-plugin-djvudocument-3.20.1-6.16.1
evince-plugin-djvudocument-debuginfo-3.20.1-6.16.1
evince-plugin-dvidocument-3.20.1-6.16.1
evince-plugin-dvidocument-debuginfo-3.20.1-6.16.1
evince-plugin-pdfdocument-3.20.1-6.16.1
evince-plugin-pdfdocument-debuginfo-3.20.1-6.16.1
evince-plugin-psdocument-3.20.1-6.16.1
evince-plugin-psdocument-debuginfo-3.20.1-6.16.1
evince-plugin-tiffdocument-3.20.1-6.16.1
evince-plugin-tiffdocument-debuginfo-3.20.1-6.16.1
evince-plugin-xpsdocument-3.20.1-6.16.1
evince-plugin-xpsdocument-debuginfo-3.20.1-6.16.1
libevdocument3-4-3.20.1-6.16.1
libevdocument3-4-debuginfo-3.20.1-6.16.1
libevview3-3-3.20.1-6.16.1
libevview3-3-debuginfo-3.20.1-6.16.1
nautilus-evince-3.20.1-6.16.1
nautilus-evince-debuginfo-3.20.1-6.16.1
- SUSE Linux Enterprise Server 12-SP2 (noarch):
evince-lang-3.20.1-6.16.1
- SUSE Linux Enterprise Desktop 12-SP3 (noarch):
evince-lang-3.20.1-6.16.1
- SUSE Linux Enterprise Desktop 12-SP3 (x86_64):
evince-3.20.1-6.16.1
evince-browser-plugin-3.20.1-6.16.1
evince-browser-plugin-debuginfo-3.20.1-6.16.1
evince-debuginfo-3.20.1-6.16.1
evince-debugsource-3.20.1-6.16.1
evince-plugin-djvudocument-3.20.1-6.16.1
evince-plugin-djvudocument-debuginfo-3.20.1-6.16.1
evince-plugin-dvidocument-3.20.1-6.16.1
evince-plugin-dvidocument-debuginfo-3.20.1-6.16.1
evince-plugin-pdfdocument-3.20.1-6.16.1
evince-plugin-pdfdocument-debuginfo-3.20.1-6.16.1
evince-plugin-psdocument-3.20.1-6.16.1
evince-plugin-psdocument-debuginfo-3.20.1-6.16.1
evince-plugin-tiffdocument-3.20.1-6.16.1
evince-plugin-tiffdocument-debuginfo-3.20.1-6.16.1
evince-plugin-xpsdocument-3.20.1-6.16.1
evince-plugin-xpsdocument-debuginfo-3.20.1-6.16.1
libevdocument3-4-3.20.1-6.16.1
libevdocument3-4-debuginfo-3.20.1-6.16.1
libevview3-3-3.20.1-6.16.1
libevview3-3-debuginfo-3.20.1-6.16.1
nautilus-evince-3.20.1-6.16.1
nautilus-evince-debuginfo-3.20.1-6.16.1
typelib-1_0-EvinceDocument-3_0-3.20.1-6.16.1
typelib-1_0-EvinceView-3_0-3.20.1-6.16.1
- SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
evince-3.20.1-6.16.1
evince-browser-plugin-3.20.1-6.16.1
evince-browser-plugin-debuginfo-3.20.1-6.16.1
evince-debuginfo-3.20.1-6.16.1
evince-debugsource-3.20.1-6.16.1
evince-plugin-djvudocument-3.20.1-6.16.1
evince-plugin-djvudocument-debuginfo-3.20.1-6.16.1
evince-plugin-dvidocument-3.20.1-6.16.1
evince-plugin-dvidocument-debuginfo-3.20.1-6.16.1
evince-plugin-pdfdocument-3.20.1-6.16.1
evince-plugin-pdfdocument-debuginfo-3.20.1-6.16.1
evince-plugin-psdocument-3.20.1-6.16.1
evince-plugin-psdocument-debuginfo-3.20.1-6.16.1
evince-plugin-tiffdocument-3.20.1-6.16.1
evince-plugin-tiffdocument-debuginfo-3.20.1-6.16.1
evince-plugin-xpsdocument-3.20.1-6.16.1
evince-plugin-xpsdocument-debuginfo-3.20.1-6.16.1
libevdocument3-4-3.20.1-6.16.1
libevdocument3-4-debuginfo-3.20.1-6.16.1
libevview3-3-3.20.1-6.16.1
libevview3-3-debuginfo-3.20.1-6.16.1
nautilus-evince-3.20.1-6.16.1
nautilus-evince-debuginfo-3.20.1-6.16.1
typelib-1_0-EvinceDocument-3_0-3.20.1-6.16.1
typelib-1_0-EvinceView-3_0-3.20.1-6.16.1
- SUSE Linux Enterprise Desktop 12-SP2 (noarch):
evince-lang-3.20.1-6.16.1
References:
https://www.suse.com/security/cve/CVE-2017-1000083.html
https://bugzilla.suse.com/1046856
[security-announce] SUSE-SU-2017:2389-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 08 Sep '17
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:2389-1
Rating: important
References: #1000365 #1000380 #1012422 #1013018 #1015452
#1023051 #1029140 #1029850 #1030552 #1030593
#1030814 #1032340 #1032471 #1034026 #1034670
#1035576 #1035721 #1035777 #1035920 #1036056
#1036288 #1036629 #1037191 #1037193 #1037227
#1037232 #1037233 #1037356 #1037358 #1037359
#1037441 #1038544 #1038879 #1038981 #1038982
#1039258 #1039354 #1039456 #1039594 #1039882
#1039883 #1039885 #1040069 #1040351 #1041160
#1041431 #1041762 #1041975 #1042045 #1042615
#1042633 #1042687 #1042832 #1042863 #1043014
#1043234 #1043935 #1044015 #1044125 #1044216
#1044230 #1044854 #1044882 #1044913 #1045154
#1045356 #1045416 #1045479 #1045487 #1045525
#1045538 #1045547 #1045615 #1046107 #1046192
#1046715 #1047027 #1047053 #1047343 #1047354
#1047487 #1047523 #1047653 #1048185 #1048221
#1048232 #1048275 #1049128 #1049483 #1049603
#1049688 #1049882 #1050154 #1050431 #1051478
#1051515 #1051770 #1055680 #784815 #792863
#799133 #909618 #919382 #928138 #938352 #943786
#948562 #962257 #971975 #972891 #986924 #990682
#995542
Cross-References: CVE-2014-9922 CVE-2016-10277 CVE-2017-1000363
CVE-2017-1000365 CVE-2017-1000380 CVE-2017-11176
CVE-2017-11473 CVE-2017-2647 CVE-2017-6951
CVE-2017-7482 CVE-2017-7487 CVE-2017-7533
CVE-2017-7542 CVE-2017-8890 CVE-2017-8924
CVE-2017-8925 CVE-2017-9074 CVE-2017-9075
CVE-2017-9076 CVE-2017-9077 CVE-2017-9242
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-EXTRA
SUSE Linux Enterprise Real Time Extension 11-SP4
SUSE Linux Enterprise High Availability Extension 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that solves 21 vulnerabilities and has 92 fixes
is now available.
Description:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2017-7482: Several missing length checks in ticket decode allowing for
information leak or potentially code execution (bsc#1046107).
- CVE-2016-10277: Potential privilege escalation due to a missing bounds
check in the lp driver. A kernel command-line adversary can overflow the
parport_nr array to execute code (bsc#1039456).
- CVE-2017-7542: The ip6_find_1stfragopt function in
net/ipv6/output_core.c in the Linux kernel allowed local users to cause
a denial of service (integer overflow and infinite loop) by leveraging
the ability to open a raw socket (bsc#1049882).
- CVE-2017-7533: Bug in inotify code allowing privilege escalation
(bsc#1049483).
- CVE-2017-11176: The mq_notify function in the Linux kernel did not set
the sock pointer to NULL upon entry into the retry logic. During a
user-space close of a Netlink socket, it allowed attackers to cause a
denial of service (use-after-free) or possibly have unspecified other
impact (bsc#1048275).
- CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function
in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users
to gain privileges via a crafted ACPI table (bnc#1049603).
- CVE-2017-1000365: The Linux Kernel imposed a size restriction on the
arguments and environmental strings passed through
RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the
argument and environment pointers into account, which allowed attackers
to bypass this limitation. (bnc#1039354)
- CVE-2014-9922: The eCryptfs subsystem in the Linux kernel allowed local
users to gain privileges via a large filesystem stack that includes an
overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c
(bnc#1032340)
- CVE-2017-8924: The edge_bulk_in_callback function in
drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to
obtain sensitive information (in the dmesg ringbuffer and syslog) from
uninitialized kernel memory by using a crafted USB device (posing as an
io_ti USB serial device) to trigger an integer underflow (bnc#1038982).
- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c
in the Linux kernel allowed local users to cause a denial of service
(tty exhaustion) by leveraging reference count mishandling (bnc#1038981).
- CVE-2017-1000380: sound/core/timer.c was vulnerable to a data race in
the ALSA /dev/snd/timer driver resulting in local users being able to
read information belonging to other users, i.e., uninitialized memory
contents could have been disclosed when a read and an ioctl happen at
the same time (bnc#1044125)
- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c
was too late in checking whether an overwrite of an skb data structure
may occur, which allowed local users to cause a denial of service
(system crash) via crafted system calls (bnc#1041431)
- CVE-2017-1000363: A buffer overflow in kernel commandline handling of
the "lp" parameter could be used by local console attackers to bypass
certain secure boot settings. (bnc#1039456)
- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c
in the Linux kernel mishandled inheritance, which allowed local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885)
- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c
in the Linux kernel mishandled inheritance, which allowed local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069)
- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c
in the Linux kernel mishandled inheritance, which allowed local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883)
- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel
did not consider that the nexthdr field may be associated with an
invalid option, which allowed local users to cause a denial of service
(out-of-bounds read and BUG) or possibly have unspecified other impact
via crafted socket and send system calls (bnc#1039882)
- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the
Linux kernel mishandled reference counts, which allowed local users to
cause a denial of service (use-after-free) or possibly have unspecified
other impact via a failed SIOCGIFADDR ioctl call for an IPX interface
(bnc#1038879)
- CVE-2017-8890: The inet_csk_clone_lock function in
net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to
cause a denial of service (double free) or possibly have unspecified
other impact by leveraging use of the accept system call (bnc#1038544)
- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local
users to gain privileges or cause a denial of service (NULL pointer
dereference and system crash) via vectors involving a NULL value for a
certain match field, related to the keyring_search_iterator function in
keyring.c (bnc#1030593)
- CVE-2017-6951: The keyring_search_aux function in
security/keys/keyring.c in the Linux kernel allowed local users to cause
a denial of service (NULL pointer dereference and OOPS) via a
request_key system call for the "dead" type (bnc#1029850)
The following non-security bugs were fixed:
- 8250: use callbacks to access UART_DLL/UART_DLM.
- ALSA: ctxfi: Fallback DMA mask to 32bit (bsc#1045538).
- ALSA: hda - Fix regression of HD-audio controller fallback modes
(bsc#1045538).
- ALSA: hda - using uninitialized data (bsc#1045538).
- ALSA: hda/realtek - Correction of fixup codes for PB V7900 laptop
(bsc#1045538).
- ALSA: hda/realtek - Fix COEF widget NID for ALC260 replacer fixup
(bsc#1045538).
- ALSA: off by one bug in snd_riptide_joystick_probe() (bsc#1045538).
- ALSA: seq: Fix snd_seq_call_port_info_ioctl in compat mode (bsc#1045538).
- Add CVE tag to references
- CIFS: backport prepath matching fix (bsc#799133).
- Drop CONFIG_PPC_CELL from bigmem (bsc#1049128).
- EDAC, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr().
- Fix scripts/bigmem-generate-ifdef-guard to work on all branches
- Fix soft lockup in svc_rdma_send (bsc#1044854).
- IB/mlx4: Demote mcg message from warning to debug (bsc#919382).
- IB/mlx4: Fix ib device initialization error flow (bsc#919382).
- IB/mlx4: Fix port query for 56Gb Ethernet links (bsc#919382).
- IB/mlx4: Handle well-known-gid in mad_demux processing (bsc#919382).
- IB/mlx4: Reduce SRIOV multicast cleanup warning message to debug level
(bsc#919382).
- IB/mlx4: Set traffic class in AH (bsc#919382).
- Implement an ioctl to support the USMTMC-USB488 READ_STATUS_BYTE
operation (bsc#1036288).
- Input: cm109 - validate number of endpoints before using them
(bsc#1037193).
- Input: hanwang - validate number of endpoints before using them
(bsc#1037232).
- Input: yealink - validate number of endpoints before using them
(bsc#1037227).
- KEYS: Disallow keyrings beginning with '.' to be joined as session
keyrings (bnc#1035576).
- NFS: Avoid getting confused by confused server (bsc#1045416).
- NFS: Fix another OPEN_DOWNGRADE bug (git-next).
- NFS: Fix size of NFSACL SETACL operations (git-fixes).
- NFS: Make nfs_readdir revalidate less often (bsc#1048232).
- NFS: tidy up nfs_show_mountd_netid (git-fixes).
- NFSD: Do not use state id of 0 - it is reserved (bsc#1049688
bsc#1051770).
- NFSv4: Do not call put_rpccred() under the rcu_read_lock() (git-fixes).
- NFSv4: Fix another bug in the close/open_downgrade code (git-fixes).
- NFSv4: Fix problems with close in the presence of a delegation
(git-fixes).
- NFSv4: Fix the underestimation of delegation XDR space reservation
(git-fixes).
- NFSv4: fix getacl head length estimation (git-fixes).
- PCI: Fix devfn for VPD access through function 0 (bnc#943786 git-fixes).
- Remove superfluous make flags (bsc#1012422)
- Return short read or 0 at end of a raw device, not EIO (bsc#1039594).
- Revert "math64: New div64_u64_rem helper" (bnc#938352).
- SUNRPC: Fix a memory leak in the backchannel code (git-fixes).
- Staging: vt6655-6: potential NULL dereference in
hostap_disable_hostapd() (bsc#1045479).
- USB: class: usbtmc.c: Cleaning up uninitialized variables (bsc#1036288).
- USB: class: usbtmc: do not print error when allocating urb fails
(bsc#1036288).
- USB: class: usbtmc: do not print on ENOMEM (bsc#1036288).
- USB: iowarrior: fix NULL-deref in write (bsc#1037359).
- USB: iowarrior: fix info ioctl on big-endian hosts (bsc#1037441).
- USB: r8a66597-hcd: select a different endpoint on timeout (bsc#1047053).
- USB: serial: ark3116: fix register-accessor error handling (git-fixes).
- USB: serial: ch341: fix open error handling (bsc#1037441).
- USB: serial: cp210x: fix tiocmget error handling (bsc#1037441).
- USB: serial: ftdi_sio: fix line-status over-reporting (bsc#1037441).
- USB: serial: io_edgeport: fix epic-descriptor handling (bsc#1037441).
- USB: serial: io_ti: fix information leak in completion handler
(git-fixes).
- USB: serial: mos7840: fix another NULL-deref at open (bsc#1034026).
- USB: serial: oti6858: fix NULL-deref at open (bsc#1037441).
- USB: serial: sierra: fix bogus alternate-setting assumption
(bsc#1037441).
- USB: serial: spcp8x5: fix NULL-deref at open (bsc#1037441).
- USB: usbip: fix nonconforming hub descriptor (bsc#1047487).
- USB: usbtmc: Add flag rigol_quirk to usbtmc_device_data (bsc#1036288).
- USB: usbtmc: Change magic number to constant (bsc#1036288).
- USB: usbtmc: Set rigol_quirk if device is listed (bsc#1036288).
- USB: usbtmc: TMC request code segregated from usbtmc_read (bsc#1036288).
- USB: usbtmc: add device quirk for Rigol DS6104 (bsc#1036288).
- USB: usbtmc: add missing endpoint sanity check (bsc#1036288).
- USB: usbtmc: fix DMA on stack (bsc#1036288).
- USB: usbtmc: fix big-endian probe of Rigol devices (bsc#1036288).
- USB: usbtmc: fix probe error path (bsc#1036288).
- USB: usbtmc: usbtmc_read sends multiple TMC header based on rigol_quirk
(bsc#1036288).
- USB: wusbcore: fix NULL-deref at probe (bsc#1045487).
- Update patches.fixes/nfs-svc-rdma.fix (bsc#1044854).
- Use make --output-sync feature when available (bsc#1012422).
- Xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924).
- __bitmap_parselist: fix bug in empty string handling (bnc#1042633).
- acpi: Disable APEI error injection if securelevel is set (bsc#972891,
bsc#1023051).
- af_key: Add lock to key dump (bsc#1047653).
- af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354).
- ath9k: fix buffer overrun for ar9287 (bsc#1045538).
- blacklist b50a6c584bb4 powerpc/perf: Clear MMCR2 when enabling PMU
(bsc#1035721).
- blacklist.conf: Add a few inapplicable items (bsc#1045538).
- blacklist.conf: Blacklist 847fa1a6d3d0 ('ftrace/x86_32: Set ftrace_stub
to weak to prevent gcc from using short jumps to it') The released
kernels are not built with a gas new enough to optimize the jmps so that
this patch would be required. (bsc#1051478)
- blkback/blktap: do not leak stack data via response ring (bsc#1042863
XSA-216).
- block: do not allow updates through sysfs until registration completes
(bsc#1047027).
- block: fix ext_dev_lock lockdep report (bsc#1050154).
- btrfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
- cifs: Timeout on SMBNegotiate request (bsc#1044913).
- cifs: do not compare uniqueids in cifs_prime_dcache unless server inode
numbers are in use (bsc#1041975). backporting upstream commit
2f2591a34db6c9361faa316c91a6e320cb4e6aee
- cifs: small underflow in cnvrtDosUnixTm() (bsc#1043935).
- cputime: Avoid multiplication overflow on utime scaling (bnc#938352).
- crypto: nx - off by one bug in nx_of_update_msc() (bnc#792863).
- decompress_bunzip2: off by one in get_next_block() (git-fixes).
- dentry name snapshots (bsc#1049483).
- devres: fix a for loop bounds check (git-fixes).
- dm: fix ioctl retry termination with signal (bsc#1050154).
- drm/mgag200: Add support for G200eH3 (bnc#1044216)
- drm/mgag200: Fix to always set HiPri for G200e4 (bsc#1015452,
bsc#995542).
- ext2: Do not clear SGID when inheriting ACLs (bsc#1030552).
- ext3: Do not clear SGID when inheriting ACLs (bsc#1030552).
- ext4: Do not clear SGID when inheriting ACLs (bsc#1030552).
- ext4: fix fdatasync(2) after extent manipulation operations
(bsc#1013018).
- ext4: keep existing extra fields when inode expands (bsc#1013018).
- fbdev/efifb: Fix 16 color palette entry calculation (bsc#1041762).
- firmware: fix directory creation rule matching with make 3.80
(bsc#1012422).
- firmware: fix directory creation rule matching with make 3.82
(bsc#1012422).
- fixed invalid assignment of 64bit mask to host dma_boundary for scatter
gather segment boundary limit (bsc#1042045).
- fnic: Return 'DID_IMM_RETRY' if rport is not ready (bsc#1035920).
- fnic: Using rport->dd_data to check rport online instead of rport_lookup
(bsc#1035920).
- fs/block_dev: always invalidate cleancache in invalidate_bdev()
(git-fixes).
- fs/xattr.c: zero out memory copied to userspace in getxattr
(bsc#1013018).
- fs: fix data invalidation in the cleancache during direct IO (git-fixes).
- fuse: add missing FR_FORCE (bsc#1013018).
- genirq: Prevent proc race against freeing of irq descriptors
(bnc#1044230).
- hrtimer: Allow concurrent hrtimer_start() for self restarting timers
(bnc#1013018).
- initial cr0 bits (bnc#1036056, LTC#153612).
- ipmr, ip6mr: fix scheduling while atomic and a deadlock with
ipmr_get_route (git-fixes).
- irq: Fix race condition (bsc#1042615).
- isdn/gigaset: fix NULL-deref at probe (bsc#1037356).
- isofs: Do not return EACCES for unknown filesystems (bsc#1013018).
- jsm: add support for additional Neo cards (bsc#1045615).
- kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)
- libata: fix sff host state machine locking while polling (bsc#1045525).
- libceph: NULL deref on crush_decode() error path (bsc#1044015).
- libceph: potential NULL dereference in ceph_msg_data_create()
(bsc#1051515).
- libfc: fixup locking in fc_disc_stop() (bsc#1029140).
- libfc: move 'pending' and 'requested' setting (bsc#1029140).
- libfc: only restart discovery after timeout if not already running
(bsc#1029140).
- locking/rtmutex: Prevent dequeue vs. unlock race (bnc#1013018).
- math64: New div64_u64_rem helper (bnc#938352).
- md/raid0: apply base queue limits *before* disk_stack_limits (git-fixes).
- md/raid1: extend spinlock to protect raid1_end_read_request against
inconsistencies (git-fixes).
- md/raid1: fix test for 'was read error from last working device'
(git-fixes).
- md/raid5: Fix CPU hotplug callback registration (git-fixes).
- md/raid5: do not record new size if resize_stripes fails (git-fixes).
- md: ensure md devices are freed before module is unloaded (git-fixes).
- md: fix a null dereference (bsc#1040351).
- md: flush ->event_work before stopping array (git-fixes).
- md: make sure GET_ARRAY_INFO ioctl reports correct "clean" status
(git-fixes).
- md: use separate bio_pool for metadata writes (bsc#1040351).
- megaraid_sas: add missing curly braces in ioctl handler (bsc#1050154).
- mlx4: reduce OOM risk on arches with large pages (bsc#919382).
- mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check (VM
Functionality, bsc#1042832).
- mm/memory-failure.c: use compound_head() flags for huge pages
(bnc#971975 VM -- git fixes).
- mm: hugetlb: call huge_pte_alloc() only if ptep is null (VM
Functionality, bsc#1042832).
- mmc: core: add missing pm event in mmc_pm_notify to fix hib restore
(bsc#1045547).
- mmc: ushc: fix NULL-deref at probe (bsc#1037191).
- module: fix memory leak on early load_module() failures (bsc#1043014).
- mwifiex: printk() overflow with 32-byte SSIDs (bsc#1048185).
- net/mlx4: Fix the check in attaching steering rules (bsc#919382).
- net/mlx4: Fix uninitialized fields in rule when adding promiscuous mode
to device managed flow steering (bsc#919382).
- net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV
(bsc#919382).
- net/mlx4_core: Enhance the MAD_IFC wrapper to convert VF port to
physical (bsc#919382).
- net/mlx4_core: Fix VF overwrite of module param which disables DMFS on
new probed PFs (bsc#919382).
- net/mlx4_core: Fix when to save some qp context flags for dynamic VST to
VGT transitions (bsc#919382).
- net/mlx4_core: Get num_tc using netdev_get_num_tc (bsc#919382).
- net/mlx4_core: Prevent VF from changing port configuration (bsc#919382).
- net/mlx4_core: Use cq quota in SRIOV when creating completion EQs
(bsc#919382).
- net/mlx4_core: Use-after-free causes a resource leak in flow-steering
detach (bsc#919382).
- net/mlx4_en: Avoid adding steering rules with invalid ring (bsc#919382).
- net/mlx4_en: Change the error print to debug print (bsc#919382).
- net/mlx4_en: Fix type mismatch for 32-bit systems (bsc#919382).
- net/mlx4_en: Resolve dividing by zero in 32-bit system (bsc#919382).
- net/mlx4_en: Wake TX queues only when there's enough room (bsc#1039258).
- net/mlx4_en: fix overflow in mlx4_en_init_timestamp() (bsc#919382).
- net: avoid reference counter overflows on fib_rules in multicast
forwarding (git-fixes).
- net: ip6mr: fix static mfc/dev leaks on table destruction (git-fixes).
- net: ipmr: fix static mfc/dev leaks on table destruction (git-fixes).
- net: wimax/i2400m: fix NULL-deref at probe (bsc#1037358).
- netxen_nic: set rcode to the return status from the call to
netxen_issue_cmd (bnc#784815).
- nfs: fix nfs_size_to_loff_t (git-fixes).
- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).
- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).
- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).
- ocfs2: Do not clear SGID when inheriting ACLs (bsc#1030552).
- ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with
ocfs2_unblock_lock (bsc#962257).
- perf/core: Correct event creation with PERF_FORMAT_GROUP (bnc#1013018).
- perf/core: Fix event inheritance on fork() (bnc#1013018).
- powerpc/ibmebus: Fix device reference leaks in sysfs interface
(bsc#1035777 [2017-04-24] Pending Base Kernel Fixes).
- powerpc/ibmebus: Fix further device reference leaks (bsc#1035777
[2017-04-24] Pending Base Kernel Fixes).
- powerpc/mm/hash: Check for non-kernel address in get_kernel_vsid()
(bsc#1032471).
- powerpc/mm/hash: Convert mask to unsigned long (bsc#1032471).
- powerpc/mm/hash: Increase VA range to 128TB (bsc#1032471).
- powerpc/mm/hash: Properly mask the ESID bits when building proto VSID
(bsc#1032471).
- powerpc/mm/hash: Support 68 bit VA (bsc#1032471).
- powerpc/mm/hash: Use context ids 1-4 for the kernel (bsc#1032471).
- powerpc/mm/slice: Convert slice_mask high slice to a bitmap
(bsc#1032471).
- powerpc/mm/slice: Fix off-by-1 error when computing slice mask
(bsc#1032471).
- powerpc/mm/slice: Move slice_mask struct definition to slice.c
(bsc#1032471).
- powerpc/mm/slice: Update slice mask printing to use bitmap printing
(bsc#1032471).
- powerpc/mm/slice: Update the function prototype (bsc#1032471).
- powerpc/mm: Do not alias user region to other regions below PAGE_OFFSET
(bsc#928138).
- powerpc/mm: Remove checks that TASK_SIZE_USER64 is too small
(bsc#1032471).
- powerpc/mm: use macro PGTABLE_EADDR_SIZE instead of digital
(bsc#1032471).
- powerpc/pci/rpadlpar: Fix device reference leaks (bsc#1035777
[2017-04-24] Pending Base Kernel Fixes).
- powerpc/pseries: Release DRC when configure_connector fails
(bsc#1035777, Pending Base Kernel Fixes).
- powerpc: Drop support for pre-POWER4 cpus (bsc#1032471).
- powerpc: Remove STAB code (bsc#1032471).
- random32: fix off-by-one in seeding requirement (git-fixes).
- reiserfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
- reiserfs: do not preallocate blocks for extended attributes (bsc#990682).
- rfkill: fix rfkill_fop_read wait_event usage (bsc#1046192).
- s390/qdio: clear DSCI prior to scanning multiple input queues
(bnc#1046715, LTC#156234).
- s390/qeth: no ETH header for outbound AF_IUCV (bnc#1046715, LTC#156276).
- s390/qeth: size calculation outbound buffers (bnc#1046715, LTC#156276).
- sched/core: Remove false-positive warning from wake_up_process()
(bnc#1044882).
- sched/cputime: Do not scale when utime == 0 (bnc#938352).
- sched/debug: Print the scheduler topology group mask (bnc#1013018).
- sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1013018).
- sched/fair: Fix min_vruntime tracking (bnc#1013018).
- sched/rt: Fix PI handling vs. sched_setscheduler() (bnc#1013018). Prep
for b60205c7c558 sched/fair: Fix min_vruntime tracking
- sched/topology: Fix building of overlapping sched-groups (bnc#1013018).
- sched/topology: Fix overlapping sched_group_capacity (bnc#1013018).
- sched/topology: Fix overlapping sched_group_mask (bnc#1013018).
- sched/topology: Move comment about asymmetric node setups (bnc#1013018).
- sched/topology: Optimize build_group_mask() (bnc#1013018).
- sched/topology: Refactor function build_overlap_sched_groups()
(bnc#1013018).
- sched/topology: Remove FORCE_SD_OVERLAP (bnc#1013018).
- sched/topology: Simplify build_overlap_sched_groups() (bnc#1013018).
- sched/topology: Verify the first group matches the child domain
(bnc#1013018).
- sched: Always initialize cpu-power (bnc#1013018).
- sched: Avoid cputime scaling overflow (bnc#938352).
- sched: Avoid prev->stime underflow (bnc#938352).
- sched: Do not account bogus utime (bnc#938352).
- sched: Fix SD_OVERLAP (bnc#1013018).
- sched: Fix domain iteration (bnc#1013018).
- sched: Lower chances of cputime scaling overflow (bnc#938352).
- sched: Move nr_cpus_allowed out of 'struct sched_rt_entity'
(bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime
tracking
- sched: Rename a misleading variable in build_overlap_sched_groups()
(bnc#1013018).
- sched: Use swap() macro in scale_stime() (bnc#938352).
- scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221).
- scsi: fix race between simultaneous decrements of ->host_failed
(bsc#1050154).
- scsi: fnic: Correcting rport check location in fnic_queuecommand_lck
(bsc#1035920).
- scsi: mvsas: fix command_active typo (bsc#1050154).
- scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init
(bsc#1050154).
- sfc: do not device_attach if a reset is pending (bsc#909618).
- smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).
- splice: Stub splice_write_to_file (bsc#1043234).
- svcrdma: Fix send_reply() scatter/gather set-up (git-fixes).
- target/iscsi: Fix double free in lio_target_tiqn_addtpg() (bsc#1050154).
- tracing/kprobes: Enforce kprobes teardown after testing (bnc#1013018).
- tracing: Fix syscall_*regfunc() vs copy_process() race (bnc#1042687).
- udf: Fix deadlock between writeback and udf_setsize() (bsc#1013018).
- udf: Fix races with i_size changes during readpage (bsc#1013018).
- usbtmc: remove redundant braces (bsc#1036288).
- usbtmc: remove trailing spaces (bsc#1036288).
- usbvision: fix NULL-deref at probe (bsc#1050431).
- uwb: hwa-rc: fix NULL-deref at probe (bsc#1037233).
- uwb: i1480-dfu: fix NULL-deref at probe (bsc#1036629).
- vb2: Fix an off by one error in 'vb2_plane_vaddr' (bsc#1050431).
- vmxnet3: avoid calling pskb_may_pull with interrupts disabled
(bsc#1045356).
- vmxnet3: fix checks for dma mapping errors (bsc#1045356).
- vmxnet3: fix lock imbalance in vmxnet3_tq_xmit() (bsc#1045356).
- x86, mm, paravirt: Fix vmalloc_fault oops during lazy MMU updates
(bsc#948562).
- x86/pci-calgary: Fix iommu_free() comparison of unsigned expression
greater than 0 (bsc#1051478).
- xen: avoid deadlock in xenbus (bnc#1047523).
- xfrm: NULL dereference on allocation failure (bsc#1047343).
- xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653).
- xfrm: dst_entries_init() per-net dst_ops (bsc#1030814).
- xfs: Synchronize xfs_buf disposal routines (bsc#1041160).
- xfs: use ->b_state to fix buffer I/O accounting release race
(bsc#1041160).
- xprtrdma: Free the pd if ib_query_qp() fails (git-fixes).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-kernel-13274=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-kernel-13274=1
- SUSE Linux Enterprise Server 11-EXTRA:
zypper in -t patch slexsp3-kernel-13274=1
- SUSE Linux Enterprise Real Time Extension 11-SP4:
zypper in -t patch slertesp4-kernel-13274=1
- SUSE Linux Enterprise High Availability Extension 11-SP4:
zypper in -t patch slehasp4-kernel-13274=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-kernel-13274=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch):
kernel-docs-3.0.101-108.7.2
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
kernel-default-3.0.101-108.7.1
kernel-default-base-3.0.101-108.7.1
kernel-default-devel-3.0.101-108.7.1
kernel-source-3.0.101-108.7.1
kernel-syms-3.0.101-108.7.1
kernel-trace-3.0.101-108.7.1
kernel-trace-base-3.0.101-108.7.1
kernel-trace-devel-3.0.101-108.7.1
- SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):
kernel-ec2-3.0.101-108.7.1
kernel-ec2-base-3.0.101-108.7.1
kernel-ec2-devel-3.0.101-108.7.1
kernel-xen-3.0.101-108.7.1
kernel-xen-base-3.0.101-108.7.1
kernel-xen-devel-3.0.101-108.7.1
- SUSE Linux Enterprise Server 11-SP4 (s390x):
kernel-default-man-3.0.101-108.7.1
- SUSE Linux Enterprise Server 11-SP4 (ppc64):
kernel-bigmem-3.0.101-108.7.1
kernel-bigmem-base-3.0.101-108.7.1
kernel-bigmem-devel-3.0.101-108.7.1
kernel-ppc64-3.0.101-108.7.1
kernel-ppc64-base-3.0.101-108.7.1
kernel-ppc64-devel-3.0.101-108.7.1
- SUSE Linux Enterprise Server 11-SP4 (i586):
kernel-pae-3.0.101-108.7.1
kernel-pae-base-3.0.101-108.7.1
kernel-pae-devel-3.0.101-108.7.1
- SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):
kernel-default-extra-3.0.101-108.7.1
- SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):
kernel-xen-extra-3.0.101-108.7.1
- SUSE Linux Enterprise Server 11-EXTRA (x86_64):
kernel-trace-extra-3.0.101-108.7.1
- SUSE Linux Enterprise Server 11-EXTRA (ppc64):
kernel-ppc64-extra-3.0.101-108.7.1
- SUSE Linux Enterprise Server 11-EXTRA (i586):
kernel-pae-extra-3.0.101-108.7.1
- SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64):
cluster-network-kmp-rt-1.4_3.0.101_rt130_68-2.32.2.14
cluster-network-kmp-rt_trace-1.4_3.0.101_rt130_68-2.32.2.14
drbd-kmp-rt-8.4.4_3.0.101_rt130_68-0.27.2.13
drbd-kmp-rt_trace-8.4.4_3.0.101_rt130_68-0.27.2.13
gfs2-kmp-rt-2_3.0.101_rt130_68-0.24.2.14
gfs2-kmp-rt_trace-2_3.0.101_rt130_68-0.24.2.14
ocfs2-kmp-rt-1.6_3.0.101_rt130_68-0.28.3.4
ocfs2-kmp-rt_trace-1.6_3.0.101_rt130_68-0.28.3.4
- SUSE Linux Enterprise High Availability Extension 11-SP4 (i586 ia64 ppc64 s390x x86_64):
cluster-network-kmp-default-1.4_3.0.101_108.7-2.32.2.14
cluster-network-kmp-trace-1.4_3.0.101_108.7-2.32.2.14
drbd-8.4.4-0.27.2.1
drbd-bash-completion-8.4.4-0.27.2.1
drbd-heartbeat-8.4.4-0.27.2.1
drbd-kmp-default-8.4.4_3.0.101_108.7-0.27.2.13
drbd-kmp-trace-8.4.4_3.0.101_108.7-0.27.2.13
drbd-pacemaker-8.4.4-0.27.2.1
drbd-udev-8.4.4-0.27.2.1
drbd-utils-8.4.4-0.27.2.1
gfs2-kmp-default-2_3.0.101_108.7-0.24.2.14
gfs2-kmp-trace-2_3.0.101_108.7-0.24.2.14
ocfs2-kmp-default-1.6_3.0.101_108.7-0.28.3.4
ocfs2-kmp-trace-1.6_3.0.101_108.7-0.28.3.4
- SUSE Linux Enterprise High Availability Extension 11-SP4 (i586 x86_64):
cluster-network-kmp-xen-1.4_3.0.101_108.7-2.32.2.14
drbd-kmp-xen-8.4.4_3.0.101_108.7-0.27.2.13
gfs2-kmp-xen-2_3.0.101_108.7-0.24.2.14
ocfs2-kmp-xen-1.6_3.0.101_108.7-0.28.3.4
- SUSE Linux Enterprise High Availability Extension 11-SP4 (x86_64):
drbd-xen-8.4.4-0.27.2.1
- SUSE Linux Enterprise High Availability Extension 11-SP4 (ppc64):
cluster-network-kmp-bigmem-1.4_3.0.101_108.7-2.32.2.14
cluster-network-kmp-ppc64-1.4_3.0.101_108.7-2.32.2.14
drbd-kmp-bigmem-8.4.4_3.0.101_108.7-0.27.2.13
drbd-kmp-ppc64-8.4.4_3.0.101_108.7-0.27.2.13
gfs2-kmp-bigmem-2_3.0.101_108.7-0.24.2.14
gfs2-kmp-ppc64-2_3.0.101_108.7-0.24.2.14
ocfs2-kmp-bigmem-1.6_3.0.101_108.7-0.28.3.4
ocfs2-kmp-ppc64-1.6_3.0.101_108.7-0.28.3.4
- SUSE Linux Enterprise High Availability Extension 11-SP4 (i586):
cluster-network-kmp-pae-1.4_3.0.101_108.7-2.32.2.14
drbd-kmp-pae-8.4.4_3.0.101_108.7-0.27.2.13
gfs2-kmp-pae-2_3.0.101_108.7-0.24.2.14
ocfs2-kmp-pae-1.6_3.0.101_108.7-0.28.3.4
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
drbd-debuginfo-8.4.4-0.27.2.1
drbd-debugsource-8.4.4-0.27.2.1
kernel-default-debuginfo-3.0.101-108.7.1
kernel-default-debugsource-3.0.101-108.7.1
kernel-trace-debuginfo-3.0.101-108.7.1
kernel-trace-debugsource-3.0.101-108.7.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64):
kernel-default-devel-debuginfo-3.0.101-108.7.1
kernel-trace-devel-debuginfo-3.0.101-108.7.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):
kernel-ec2-debuginfo-3.0.101-108.7.1
kernel-ec2-debugsource-3.0.101-108.7.1
kernel-xen-debuginfo-3.0.101-108.7.1
kernel-xen-debugsource-3.0.101-108.7.1
kernel-xen-devel-debuginfo-3.0.101-108.7.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):
kernel-bigmem-debuginfo-3.0.101-108.7.1
kernel-bigmem-debugsource-3.0.101-108.7.1
kernel-ppc64-debuginfo-3.0.101-108.7.1
kernel-ppc64-debugsource-3.0.101-108.7.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586):
kernel-pae-debuginfo-3.0.101-108.7.1
kernel-pae-debugsource-3.0.101-108.7.1
kernel-pae-devel-debuginfo-3.0.101-108.7.1
References:
https://www.suse.com/security/cve/CVE-2014-9922.html
https://www.suse.com/security/cve/CVE-2016-10277.html
https://www.suse.com/security/cve/CVE-2017-1000363.html
https://www.suse.com/security/cve/CVE-2017-1000365.html
https://www.suse.com/security/cve/CVE-2017-1000380.html
https://www.suse.com/security/cve/CVE-2017-11176.html
https://www.suse.com/security/cve/CVE-2017-11473.html
https://www.suse.com/security/cve/CVE-2017-2647.html
https://www.suse.com/security/cve/CVE-2017-6951.html
https://www.suse.com/security/cve/CVE-2017-7482.html
https://www.suse.com/security/cve/CVE-2017-7487.html
https://www.suse.com/security/cve/CVE-2017-7533.html
https://www.suse.com/security/cve/CVE-2017-7542.html
https://www.suse.com/security/cve/CVE-2017-8890.html
https://www.suse.com/security/cve/CVE-2017-8924.html
https://www.suse.com/security/cve/CVE-2017-8925.html
https://www.suse.com/security/cve/CVE-2017-9074.html
https://www.suse.com/security/cve/CVE-2017-9075.html
https://www.suse.com/security/cve/CVE-2017-9076.html
https://www.suse.com/security/cve/CVE-2017-9077.html
https://www.suse.com/security/cve/CVE-2017-9242.html
https://bugzilla.suse.com/1000365
https://bugzilla.suse.com/1000380
https://bugzilla.suse.com/1012422
https://bugzilla.suse.com/1013018
https://bugzilla.suse.com/1015452
https://bugzilla.suse.com/1023051
https://bugzilla.suse.com/1029140
https://bugzilla.suse.com/1029850
https://bugzilla.suse.com/1030552
https://bugzilla.suse.com/1030593
https://bugzilla.suse.com/1030814
https://bugzilla.suse.com/1032340
https://bugzilla.suse.com/1032471
https://bugzilla.suse.com/1034026
https://bugzilla.suse.com/1034670
https://bugzilla.suse.com/1035576
https://bugzilla.suse.com/1035721
https://bugzilla.suse.com/1035777
https://bugzilla.suse.com/1035920
https://bugzilla.suse.com/1036056
https://bugzilla.suse.com/1036288
https://bugzilla.suse.com/1036629
https://bugzilla.suse.com/1037191
https://bugzilla.suse.com/1037193
https://bugzilla.suse.com/1037227
https://bugzilla.suse.com/1037232
https://bugzilla.suse.com/1037233
https://bugzilla.suse.com/1037356
https://bugzilla.suse.com/1037358
https://bugzilla.suse.com/1037359
https://bugzilla.suse.com/1037441
https://bugzilla.suse.com/1038544
https://bugzilla.suse.com/1038879
https://bugzilla.suse.com/1038981
https://bugzilla.suse.com/1038982
https://bugzilla.suse.com/1039258
https://bugzilla.suse.com/1039354
https://bugzilla.suse.com/1039456
https://bugzilla.suse.com/1039594
https://bugzilla.suse.com/1039882
https://bugzilla.suse.com/1039883
https://bugzilla.suse.com/1039885
https://bugzilla.suse.com/1040069
https://bugzilla.suse.com/1040351
https://bugzilla.suse.com/1041160
https://bugzilla.suse.com/1041431
https://bugzilla.suse.com/1041762
https://bugzilla.suse.com/1041975
https://bugzilla.suse.com/1042045
https://bugzilla.suse.com/1042615
https://bugzilla.suse.com/1042633
https://bugzilla.suse.com/1042687
https://bugzilla.suse.com/1042832
https://bugzilla.suse.com/1042863
https://bugzilla.suse.com/1043014
https://bugzilla.suse.com/1043234
https://bugzilla.suse.com/1043935
https://bugzilla.suse.com/1044015
https://bugzilla.suse.com/1044125
https://bugzilla.suse.com/1044216
https://bugzilla.suse.com/1044230
https://bugzilla.suse.com/1044854
https://bugzilla.suse.com/1044882
https://bugzilla.suse.com/1044913
https://bugzilla.suse.com/1045154
https://bugzilla.suse.com/1045356
https://bugzilla.suse.com/1045416
https://bugzilla.suse.com/1045479
https://bugzilla.suse.com/1045487
https://bugzilla.suse.com/1045525
https://bugzilla.suse.com/1045538
https://bugzilla.suse.com/1045547
https://bugzilla.suse.com/1045615
https://bugzilla.suse.com/1046107
https://bugzilla.suse.com/1046192
https://bugzilla.suse.com/1046715
https://bugzilla.suse.com/1047027
https://bugzilla.suse.com/1047053
https://bugzilla.suse.com/1047343
https://bugzilla.suse.com/1047354
https://bugzilla.suse.com/1047487
https://bugzilla.suse.com/1047523
https://bugzilla.suse.com/1047653
https://bugzilla.suse.com/1048185
https://bugzilla.suse.com/1048221
https://bugzilla.suse.com/1048232
https://bugzilla.suse.com/1048275
https://bugzilla.suse.com/1049128
https://bugzilla.suse.com/1049483
https://bugzilla.suse.com/1049603
https://bugzilla.suse.com/1049688
https://bugzilla.suse.com/1049882
https://bugzilla.suse.com/1050154
https://bugzilla.suse.com/1050431
https://bugzilla.suse.com/1051478
https://bugzilla.suse.com/1051515
https://bugzilla.suse.com/1051770
https://bugzilla.suse.com/1055680
https://bugzilla.suse.com/784815
https://bugzilla.suse.com/792863
https://bugzilla.suse.com/799133
https://bugzilla.suse.com/909618
https://bugzilla.suse.com/919382
https://bugzilla.suse.com/928138
https://bugzilla.suse.com/938352
https://bugzilla.suse.com/943786
https://bugzilla.suse.com/948562
https://bugzilla.suse.com/962257
https://bugzilla.suse.com/971975
https://bugzilla.suse.com/972891
https://bugzilla.suse.com/986924
https://bugzilla.suse.com/990682
https://bugzilla.suse.com/995542
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
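A defender-side check for the SUSE Linux Enterprise 11-SP4 update above, as an added example that is not part of the original announcement: it reads the output of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'` and flags kernel packages older than the 3.0.101-108.7.1 builds named in the package list. The comparison is a simplified form of RPM's version ordering (no epoch or tilde handling), the function names are hypothetical, and the sample input is constructed.

```python
import re

# Fixed build taken from the advisory's package list (SLES 11-SP4 kernel flavours).
FIXED_EVR = "3.0.101-108.7.1"
KERNEL_PACKAGES = (
    "kernel-default", "kernel-source", "kernel-syms", "kernel-trace",
    "kernel-xen", "kernel-ec2", "kernel-pae", "kernel-bigmem", "kernel-ppc64",
)
FIXED = {name: FIXED_EVR for name in KERNEL_PACKAGES}

# Constructed sample of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'` output.
SAMPLE = """\
kernel-default 3.0.101-108.7.1
kernel-default 3.0.101-104.2
kernel-xen 3.0.101-108.10.1
kernel-source 3.0.101-97.1
bash 3.2-147.35.1
"""


def _segments(text):
    """Split a version or release string into numeric and alphabetic runs."""
    return re.findall(r"\d+|[A-Za-z]+", text)


def vercmp(a, b):
    """Compare two version (or release) strings; return -1, 0 or 1.

    Numeric runs compare as integers (so 10 > 7), a numeric run beats an
    alphabetic one, and the string with extra trailing runs is the newer.
    """
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            xi, yi = int(x), int(y)
            if xi != yi:
                return -1 if xi < yi else 1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        elif x != y:
            return -1 if x < y else 1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def evr_cmp(a, b):
    """Compare 'version-release' strings: version first, then release."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return vercmp(va, vb) or vercmp(ra, rb)


def audit(rpm_output, fixed=FIXED):
    """Return (name, installed, status) for every installed package the
    advisory lists; status is 'outdated' when older than the fixed build."""
    findings = []
    for line in rpm_output.splitlines():
        parts = line.split()
        if len(parts) != 2 or parts[0] not in fixed:
            continue  # not a package covered by this check
        name, evr = parts
        status = "outdated" if evr_cmp(evr, fixed[name]) < 0 else "patched"
        findings.append((name, evr, status))
    return findings


if __name__ == "__main__":
    for name, evr, status in audit(SAMPLE):
        print(f"{status:9} {name} {evr} (fixed in {FIXED[name]})")
```

Several kernel packages can be installed side by side, so every installed instance is reported rather than only the newest.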
[security-announce] openSUSE-SU-2017:2384-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 07 Sep '17
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:2384-1
Rating: important
References: #1005776 #1015342 #1020645 #1020657 #1030850
#1031717 #1031784 #1034048 #1037838 #1040813
#1042847 #1047487 #1047989 #1048155 #1048228
#1048325 #1048327 #1048356 #1048501 #1048912
#1048934 #1049226 #1049272 #1049291 #1049336
#1050211 #1050742 #1051790 #1052093 #1052094
#1052095 #1052384 #1052580 #1052888 #1053117
#1053309 #1053472 #1053627 #1053629 #1053633
#1053681 #1053685 #1053802 #1053915 #1053919
#1054082 #1054084 #1055013 #1055096 #1055272
#1055290 #1055359 #1055709 #1055896 #1055935
#1055963 #1056185 #1056588 #1056827 #969756
Cross-References: CVE-2017-12134 CVE-2017-14051
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that solves two vulnerabilities and has 58 fixes
is now available.
Description:
The openSUSE Leap 42.3 kernel was updated to 4.4.85 to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2017-14051: An integer overflow in the
qla2x00_sysfs_write_optrom_ctl function in
drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users
to cause a denial of service (memory corruption and system crash) by
leveraging root access (bnc#1056588).
- CVE-2017-12134: The xen_biovec_phys_mergeable function in
drivers/xen/biomerge.c in Xen might allow local OS guest users to
corrupt block device data streams and consequently obtain sensitive
memory information, cause a denial of service, or gain host OS
privileges by leveraging incorrect block IO merge-ability calculation
(bnc#1051790 bnc#1053919).
The following non-security bugs were fixed:
- acpi: apd: Add clock frequency for Hisilicon Hip07/08 I2C controller
(bsc#1049291).
- acpi: apd: Fix HID for Hisilicon Hip07/08 (bsc#1049291).
- acpi: APEI: Enable APEI multiple GHES source to share a single external
IRQ (bsc#1053627).
- acpi: irq: Fix return code of acpi_gsi_to_irq() (bsc#1053627).
- acpi: pci: fix GIC irq model default PCI IRQ polarity (bsc#1053629).
- acpi: scan: Prefer devices without _HID for _ADR matching (git-fixes).
- Add "shutdown" to "struct class" (bsc#1053117).
- alsa: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
(bsc#1020657).
- alsa: hda - Implement mic-mute LED mode enum (bsc#1055013).
- alsa: hda - Workaround for i915 KBL breakage
(bsc#1048356,bsc#1047989,bsc#1055272).
- alsa: ice1712: Add support for STAudio ADCIII (bsc#1048934).
- alsa: usb-audio: Apply sample rate quirk to Sennheiser headset
(bsc#1052580).
- arm64: do not trace atomic operations (bsc#1055290).
- block: add kblock_mod_delayed_work_on() (bsc#1050211).
- block: Make blk_mq_delay_kick_requeue_list() rerun the queue at a quiet
time (bsc#1050211).
- block: provide bio_uninit() free freeing integrity/task associations
(bsc#1050211).
- block: return on congested block device (FATE#321994).
- bluetooth: bnep: fix possible might sleep error in bnep_session
(bsc#1031784).
- bluetooth: cmtp: fix possible might sleep error in cmtp_session
(bsc#1031784).
- bnxt_en: Add a callback to inform RDMA driver during PCI shutdown
(bsc#1053309).
- bnxt_en: Add additional chip ID definitions (bsc#1053309).
- bnxt_en: Add bnxt_get_num_stats() to centrally get the number of ethtool
stats (bsc#1053309).
- bnxt_en: Add missing logic to handle TPA end error conditions
(bsc#1053309).
- bnxt_en: Add PCI IDs for BCM57454 VF devices (bsc#1053309).
- bnxt_en: Allow the user to set ethtool stats-block-usecs to 0
(bsc#1053309).
- bnxt_en: Call bnxt_dcb_init() after getting firmware DCBX configuration
(bsc#1053309).
- bnxt_en: Check status of firmware DCBX agent before setting
DCB_CAP_DCBX_HOST (bsc#1053309).
- bnxt_en: Fix bug in ethtool -L (bsc#1053309).
- bnxt_en: Fix netpoll handling (bsc#1053309).
- bnxt_en: Fix race conditions in .ndo_get_stats64() (bsc#1053309).
- bnxt_en: Fix SRIOV on big-endian architecture (bsc#1053309).
- bnxt_en: Fix xmit_more with BQL (bsc#1053309).
- bnxt_en: Implement ndo_bridge_{get|set}link methods (bsc#1053309).
- bnxt_en: Implement xmit_more (bsc#1053309).
- bnxt_en: Optimize doorbell write operations for newer chips
(bsc#1053309).
- bnxt_en: Pass in sh parameter to bnxt_set_dflt_rings() (bsc#1053309).
- bnxt_en: Report firmware DCBX agent (bsc#1053309).
- bnxt_en: Retrieve the hardware bridge mode from the firmware
(bsc#1053309).
- bnxt_en: Set ETS min_bw parameter for older firmware (bsc#1053309).
- bnxt_en: Support for Short Firmware Message (bsc#1053309).
- bnxt_en: Update firmware interface spec to 1.8.0 (bsc#1053309).
- bnxt: fix unsigned comparison with 0 (bsc#1053309).
- bnxt: fix unused variable warnings (bsc#1053309).
- btrfs: fix early ENOSPC due to delalloc (bsc#1049226).
- btrfs: nowait aio: Correct assignment of pos (FATE#321994).
- btrfs: nowait aio support (FATE#321994).
- ceph: avoid accessing freeing inode in ceph_check_delayed_caps()
(bsc#1048228).
- ceph: avoid invalid memory dereference in the middle of umount
(bsc#1048228).
- ceph: cleanup writepage_nounlock() (bsc#1048228).
- ceph: do not re-send interrupted flock request (bsc#1048228).
- ceph: getattr before read on ceph.* xattrs (bsc#1048228).
- ceph: handle epoch barriers in cap messages (bsc#1048228).
- ceph: new mount option that specifies fscache uniquifier (bsc#1048228).
- ceph: redirty page when writepage_nounlock() skips unwritable page
(bsc#1048228).
- ceph: remove special ack vs commit behavior (bsc#1048228).
- ceph: remove useless page->mapping check in writepage_nounlock()
(bsc#1048228).
- ceph: re-request max size after importing caps (bsc#1048228).
- ceph: update ceph_dentry_info::lease_session when necessary
(bsc#1048228).
- ceph: update the 'approaching max_size' code (bsc#1048228).
- ceph: when seeing write errors on an inode, switch to sync writes
(bsc#1048228).
- cifs: Fix maximum SMB2 header size (bsc#1056185).
- clocksource/drivers/arm_arch_timer: Fix mem frame loop initialization
(bsc#1055709).
- crush: assume weight_set != null implies weight_set_size > 0
(bsc#1048228).
- crush: crush_init_workspace starts with struct crush_work (bsc#1048228).
- crush: implement weight and id overrides for straw2 (bsc#1048228).
- crush: remove an obsolete comment (bsc#1048228).
- crypto: chcr - Add ctr mode and process large sg entries for cipher
(bsc#1048325).
- crypto: chcr - Avoid changing request structure (bsc#1048325).
- crypto: chcr - Ensure Destination sg entry size less than 2k
(bsc#1048325).
- crypto: chcr - Fix fallback key setting (bsc#1048325).
- crypto: chcr - Pass lcb bit setting to firmware (bsc#1048325).
- crypto: chcr - Return correct error code (bsc#1048325).
- cxgb4: update latest firmware version supported (bsc#1048327).
- cxgbit: add missing __kfree_skb() (bsc#1052095).
- cxgbit: fix sg_nents calculation (bsc#1052095).
- Disable patch 0017-nvmet_fc-Simplify-sg-list-handling.patch (bsc#1052384)
- dm: make flush bios explicitly sync (bsc#1050211).
- dm mpath: do not lock up a CPU with requeuing activity (bsc#1048912).
- drivers: net: xgene: Fix wrong logical operation (bsc#1056827).
- drm/vmwgfx: Limit max desktop dimensions to 8Kx8K (bsc#1048155).
- ext4: nowait aio support (FATE#321994).
- fs: Introduce filemap_range_has_page() (FATE#321994).
- fs: Introduce RWF_NOWAIT and FMODE_AIO_NOWAIT (FATE#321994).
- fs: pass on flags in compat_writev (bsc#1050211).
- fs: return if direct I/O will trigger writeback (FATE#321994).
- fs: Separate out kiocb flags setup based on RWF_* flags (FATE#321994).
- fs: Use RWF_* flags for AIO operations (FATE#321994).
- fuse: initialize the flock flag in fuse_file on allocation (git-fixes).
- i2c: designware: Add ACPI HID for Hisilicon Hip07/08 I2C controller
(bsc#1049291).
- i2c: designware: Convert to use unified device property API
(bsc#1049291).
- i2c: xgene: Set ACPI_COMPANION_I2C (bsc#1053633).
- i2c: xgene-slimpro: Add ACPI support by using PCC mailbox (bsc#1053633).
- i2c: xgene-slimpro: include linux/io.h for memremap (bsc#1053633).
- i2c: xgene-slimpro: Use a single function to send command message
(bsc#1053633).
- i40e/i40evf: fix out-of-bounds read of cpumask (bsc#1053685).
- ib/iser: Fix connection teardown race condition (bsc#1050211).
- iscsi-target: fix invalid flags in text response (bsc#1052095).
- iwlwifi: missing error code in iwl_trans_pcie_alloc() (bsc#1031717).
- kabi: arm64: compatibility workaround for lse atomics (bsc#1055290).
- kABI: protect enum pid_type (kabi).
- kABI: protect struct iscsi_np (kabi).
- kABI: protect struct se_lun (kabi).
- kabi/severities: add fs/ceph to kabi severities (bsc#1048228).
- kabi/severities: Ignore drivers/scsi/cxgbi (bsc#1052094)
- kabi/severities: Ignore kABI changes due to last patchset (bnc#1053472)
- kABI: uninline task_tgid_nr_nr (kabi).
- kvm: arm64: Restore host physical timer access on hyp_panic()
(bsc#1054082).
- kvm: arm/arm64: Fix bug in advertising KVM_CAP_MSI_DEVID capability
(bsc#1054082).
- kvm, pkeys: do not use PKRU value in vcpu->arch.guest_fpu.state
(bsc#1055935).
- kvm: x86: block guest protection keys unless the host has them enabled
(bsc#1055935).
- kvm: x86: kABI workaround for PKRU fixes (bsc#1055935).
- kvm: x86: simplify handling of PKRU (bsc#1055935).
- libceph: abort already submitted but abortable requests when map or pool
goes full (bsc#1048228).
- libceph: add an epoch_barrier field to struct ceph_osd_client
(bsc#1048228).
- libceph: advertise support for NEW_OSDOP_ENCODING and SERVER_LUMINOUS
(bsc#1048228).
- libceph: advertise support for OSD_POOLRESEND (bsc#1048228).
- libceph: allow requests to return immediately on full conditions if
caller wishes (bsc#1048228).
- libceph: always populate t->target_{oid,oloc} in calc_target()
(bsc#1048228).
- libceph: always signal completion when done (bsc#1048228).
- libceph: apply_upmap() (bsc#1048228).
- libceph: avoid unnecessary pi lookups in calc_target() (bsc#1048228).
- libceph: ceph_connection_operations::reencode_message() method
(bsc#1048228).
- libceph: ceph_decode_skip_* helpers (bsc#1048228).
- libceph: compute actual pgid in ceph_pg_to_up_acting_osds()
(bsc#1048228).
- libceph, crush: per-pool crush_choose_arg_map for crush_do_rule()
(bsc#1048228).
- libceph: delete from need_resend_linger before check_linger_pool_dne()
(bsc#1048228).
- libceph: do not call encode_request_finish() on MOSDBackoff messages
(bsc#1048228).
- libceph: do not call ->reencode_message() more than once per message
(bsc#1048228).
- libceph: do not pass pgid by value (bsc#1048228).
- libceph: drop need_resend from calc_target() (bsc#1048228).
- libceph: encode_{pgid,oloc}() helpers (bsc#1048228).
- libceph: fallback for when there isn't a pool-specific choose_arg
(bsc#1048228).
- libceph: fix old style declaration warnings (bsc#1048228).
- libceph: fold req->last_force_resend into ceph_osd_request_target
(bsc#1048228).
- libceph: get rid of ack vs commit (bsc#1048228).
- libceph: handle non-empty dest in ceph_{oloc,oid}_copy() (bsc#1048228).
- libceph: initialize last_linger_id with a large integer (bsc#1048228).
- libceph: introduce and switch to decode_pg_mapping() (bsc#1048228).
- libceph: introduce ceph_spg, ceph_pg_to_primary_shard() (bsc#1048228).
- libceph: kill __{insert,lookup,remove}_pg_mapping() (bsc#1048228).
- libceph: make DEFINE_RB_* helpers more general (bsc#1048228).
- libceph: make encode_request_*() work with r_mempool requests
(bsc#1048228).
- libceph: make RECOVERY_DELETES feature create a new interval
(bsc#1048228).
- libceph: make sure need_resend targets reflect latest map (bsc#1048228).
- libceph: MOSDOp v8 encoding (actual spgid + full hash) (bsc#1048228).
- libceph: new features macros (bsc#1048228).
- libceph: new pi->last_force_request_resend (bsc#1048228).
- libceph: NULL deref on osdmap_apply_incremental() error path
(bsc#1048228).
- libceph: osd_request_timeout option (bsc#1048228).
- libceph: osd_state is 32 bits wide in luminous (bsc#1048228).
- libceph: pg_upmap[_items] infrastructure (bsc#1048228).
- libceph: pool deletion detection (bsc#1048228).
- libceph: potential NULL dereference in ceph_msg_data_create()
(bsc#1048228).
- libceph: remove ceph_sanitize_features() workaround (bsc#1048228).
- libceph: remove now unused finish_request() wrapper (bsc#1048228).
- libceph: remove req->r_replay_version (bsc#1048228).
- libceph: resend on PG splits if OSD has RESEND_ON_SPLIT (bsc#1048228).
- libceph: respect RADOS_BACKOFF backoffs (bsc#1048228).
- libceph: set -EINVAL in one place in crush_decode() (bsc#1048228).
- libceph: support SERVER_JEWEL feature bits (bsc#1048228).
- libceph: take osdc->lock in osdmap_show() and dump flags in hex
(bsc#1048228).
- libceph: upmap semantic changes (bsc#1048228).
- libceph: use alloc_pg_mapping() in __decode_pg_upmap_items()
(bsc#1048228).
- libceph: use target pi for calc_target() calculations (bsc#1048228).
- lib: test_rhashtable: fix for large entry counts (bsc#1055359).
- lib: test_rhashtable: Fix KASAN warning (bsc#1055359).
- locking/rwsem: Fix down_write_killable() for
CONFIG_RWSEM_GENERIC_SPINLOCK=y (bsc#969756).
- locking/rwsem-spinlock: Fix EINTR branch in __down_write_common()
(bsc#969756).
- lpfc: Add Buffer to Buffer credit recovery support (bsc#1052384).
- lpfc: convert info messages to standard messages (bsc#1052384).
- lpfc: Correct issues with FAWWN and FDISCs (bsc#1052384).
- lpfc: Correct return error codes to align with nvme_fc transport
(bsc#1052384).
- lpfc: Fix bad sgl reposting after 2nd adapter reset (bsc#1052384).
- lpfc: Fix crash in lpfc nvmet when fc port is reset (bsc#1052384).
- lpfc: Fix duplicate NVME rport entries and namespaces (bsc#1052384).
- lpfc: Fix handling of FCP and NVME FC4 types in Pt2Pt topology
(bsc#1052384).
- lpfc: fix "integer constant too large" error on 32bit archs
(bsc#1052384).
- lpfc: Fix loop mode target discovery (bsc#1052384).
- lpfc: Fix MRQ > 1 context list handling (bsc#1052384).
- lpfc: Fix NVME PRLI handling during RSCN (bsc#1052384).
- lpfc: Fix nvme target failure after 2nd adapter reset (bsc#1052384).
- lpfc: Fix oops when NVME Target is discovered in a nonNVME environment
(bsc#1052384).
- lpfc: Fix plogi collision that causes illegal state transition
(bsc#1052384).
- lpfc: Fix rediscovery on switch blade pull (bsc#1052384).
- lpfc: Fix relative offset error on large nvmet target ios (bsc#1052384).
- lpfc: fixup crash during storage failover operations (bsc#1042847).
- lpfc: Limit amount of work processed in IRQ (bsc#1052384).
- lpfc: lpfc version bump 11.4.0.3 (bsc#1052384).
- lpfc: remove console log clutter (bsc#1052384).
- lpfc: support nvmet_fc defer_rcv callback (bsc#1052384).
- megaraid_sas: Fix probing cards without io port (bsc#1053681).
- mmc: mmc: correct the logic for setting HS400ES signal voltage
(bsc#1054082).
- mm, madvise: ensure poisoned pages are removed from per-cpu lists (VM hw
poison -- git fixes).
- mptsas: Fixup device hotplug for VMWare ESXi (bsc#1030850).
- net: ethernet: hip04: Call SET_NETDEV_DEV() (bsc#1049336).
- netfilter: fix IS_ERR_VALUE usage (bsc#1052888).
- netfilter: x_tables: pack percpu counter allocations (bsc#1052888).
- netfilter: x_tables: pass xt_counters struct instead of packet counter
(bsc#1052888).
- netfilter: x_tables: pass xt_counters struct to counter allocator
(bsc#1052888).
- net: hns: add acpi function of xge led control (bsc#1049336).
- net: hns: Fix a skb used after free bug (bsc#1049336).
- net/mlx5: Cancel delayed recovery work when unloading the driver
(bsc#1015342).
- net/mlx5: Clean SRIOV eswitch resources upon VF creation failure
(bsc#1015342).
- net/mlx5: Consider tx_enabled in all modes on remap (bsc#1015342).
- net/mlx5e: Add field select to MTPPS register (bsc#1015342).
- net/mlx5e: Add missing support for PTP_CLK_REQ_PPS request (bsc#1015342).
- net/mlx5e: Change 1PPS out scheme (bsc#1015342).
- net/mlx5e: Fix broken disable 1PPS flow (bsc#1015342).
- net/mlx5e: Fix outer_header_zero() check size (bsc#1015342).
- net/mlx5e: Fix TX carrier errors report in get stats ndo (bsc#1015342).
- net/mlx5e: Initialize CEE's getpermhwaddr address buffer to 0xff
(bsc#1015342).
- net/mlx5e: Rename physical symbol errors counter (bsc#1015342).
- net/mlx5: Fix mlx5_add_flow_rules call with correct num of dests
(bsc#1015342).
- net/mlx5: Fix mlx5_ifc_mtpps_reg_bits structure size (bsc#1015342).
- net/mlx5: Fix offset of hca cap reserved field (bsc#1015342).
- net: phy: Fix lack of reference count on PHY driver (bsc#1049336).
- net: phy: Fix PHY module checks and NULL deref in phy_attach_direct()
(bsc#1049336).
- nvme-fc: address target disconnect race conditions in fcp io submit
(bsc#1052384).
- nvme-fc: do not override opts->nr_io_queues (bsc#1052384).
- nvme-fc: kABI fix for defer_rcv() callback (bsc#1052384).
- nvme_fc/nvmet_fc: revise Create Association descriptor length
(bsc#1052384).
- nvme_fc: Reattach to localports on re-registration (bsc#1052384).
- nvme-fc: revise TRADDR parsing (bsc#1052384).
- nvme-fc: update tagset nr_hw_queues after queues reinit (bsc#1052384).
- nvme-fc: use blk_mq_delay_run_hw_queue instead of open-coding it
(bsc#1052384).
- nvme: fix hostid parsing (bsc#1049272).
- nvme-loop: update tagset nr_hw_queues after reconnecting/resetting
(bsc#1052384).
- nvme-pci: fix CMB sysfs file removal in reset path (bsc#1050211).
- nvme-rdma: update tagset nr_hw_queues after reconnecting/resetting
(bsc#1052384).
- nvmet: avoid unneeded assignment of submit_bio return value
(bsc#1052384).
- nvmet_fc: Accept variable pad lengths on Create Association LS
(bsc#1052384).
- nvmet_fc: add defer_req callback for deferment of cmd buffer return
(bsc#1052384).
- nvmet-fc: correct use after free on list teardown (bsc#1052384).
- nvmet-fc: eliminate incorrect static markers on local variables
(bsc#1052384).
- nvmet-fc: fix byte swapping in nvmet_fc_ls_create_association
(bsc#1052384).
- nvmet_fc: Simplify sg list handling (bsc#1052384).
- nvmet: prefix version configfs file with attr (bsc#1052384).
- of: fix "/cpus" reference leak in of_numa_parse_cpu_nodes()
(bsc#1056827).
- ovl: fix dentry leak for default_permissions (bsc#1054084).
- pci/msi: fix the pci_alloc_irq_vectors_affinity stub (bsc#1050211).
- pci/MSI: Ignore affinity if pre/post vector count is more than min_vecs
(bsc#1050211).
- percpu_ref: allow operation mode switching operations to be called
concurrently (bsc#1055096).
- percpu_ref: remove unnecessary RCU grace period for staggered atomic
switching confirmation (bsc#1055096).
- percpu_ref: reorganize __percpu_ref_switch_to_atomic() and relocate
percpu_ref_switch_to_atomic() (bsc#1055096).
- percpu_ref: restructure operation mode switching (bsc#1055096).
- percpu_ref: unify staggered atomic switching wait behavior (bsc#1055096).
- phy: Do not increment MDIO bus refcount unless it's a different owner
(bsc#1049336).
- phy: fix error case of phy_led_triggers_(un)register (bsc#1049336).
- qeth: add network device features for VLAN devices (bnc#1053472,
LTC#157385).
- r8169: Add support for restarting auto-negotiation (bsc#1050742).
- r8169: Correct the way of setting RTL8168DP ephy (bsc#1050742).
- r8169: fix system hang problem (bsc#1050742).
- r8169: Fix typo in setting RTL8168H PHY parameter (bsc#1050742).
- r8169: Fix typo in setting RTL8168H PHY PFM mode (bsc#1050742).
- r8169: Remove unnecessary phy reset for pcie nic when setting link speed
(bsc#1050742).
- r8169: Update the way of reading RTL8168H PHY register "rg_saw_cnt"
(bsc#1050742).
- rdma/mlx5: Fix existence check for extended address vector (bsc#1015342).
- Remove patch
0407-nvme_fc-change-failure-code-on-remoteport-connectivi.patch
(bsc#1037838)
- Revert "ceph: SetPageError() for writeback pages if writepages fails"
(bsc#1048228).
- s390/diag: add diag26c support (bnc#1053472, LTC#156729).
- s390: export symbols for crash-kmp (bsc#1053915).
- s390: Include uapi/linux/if_ether.h instead of linux/if_ether.h
(bsc#1053472).
- s390/pci: do not cleanup in arch_setup_msi_irqs (bnc#1053472,
LTC#157731).
- s390/pci: fix handling of PEC 306 (bnc#1053472, LTC#157731).
- s390/pci: improve error handling during fmb (de)registration
(bnc#1053472, LTC#157731).
- s390/pci: improve error handling during interrupt deregistration
(bnc#1053472, LTC#157731).
- s390/pci: improve pci hotplug (bnc#1053472, LTC#157731).
- s390/pci: improve unreg_ioat error handling (bnc#1053472, LTC#157731).
- s390/pci: introduce clp_get_state (bnc#1053472, LTC#157731).
- s390/pci: provide more debug information (bnc#1053472, LTC#157731).
- s390/pci: recognize name clashes with uids (bnc#1053472, LTC#157731).
- s390/qeth: no ETH header for outbound AF_IUCV (bnc#1053472, LTC#156276).
- s390/qeth: size calculation outbound buffers (bnc#1053472, LTC#156276).
- s390/qeth: use diag26c to get MAC address on L2 (bnc#1053472,
LTC#156729).
- scsi: csiostor: add check for supported fw version (bsc#1005776).
- scsi: csiostor: add support for Chelsio T6 adapters (bsc#1005776).
- scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
(bsc#1005776).
- scsi: csiostor: switch to pci_alloc_irq_vectors (bsc#1005776).
- scsi: csiostor: update module version (bsc#1052093).
- scsi: cxgb4i: assign rxqs in round robin mode (bsc#1052094).
- scsi: qedf: Fix a potential NULL pointer dereference (bsc#1048912).
- scsi: qedf: Limit number of CQs (bsc#1040813).
- supported.conf: clear mistaken external support flag for cifs.ko
(bsc#1053802).
- tpm: fix: return rc when devm_add_action() fails (bsc#1020645,
fate#321435, fate#321507, fate#321600, bsc#1034048, git-fixes
8e0ee3c9faed).
- tpm: Issue a TPM2_Shutdown for TPM2 devices (bsc#1053117).
- tpm: KABI fix (bsc#1053117).
- tpm: read burstcount from TPM_STS in one 32-bit transaction
(bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048,
git-fixes 27084efee0c3).
- tpm_tis_core: Choose appropriate timeout for reading burstcount
(bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048,
git-fixes aec04cbdf723).
- tpm_tis_core: convert max timeouts from msec to jiffies (bsc#1020645,
fate#321435, fate#321507, fate#321600, bsc#1034048, git-fixes
aec04cbdf723).
- tty: pl011: fix initialization order of QDF2400 E44 (bsc#1054082).
- tty: serial: msm: Support more bauds (git-fixes).
- Update
patches.drivers/tpm-141-fix-RC-value-check-in-tpm2_seal_trusted.patch
(bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048,
git-fixes 5ca4c20cfd37).
- usb: core: fix device node leak (bsc#1047487).
- x86/mm: Fix use-after-free of ldt_struct (bsc#1055963).
- xfs/dmapi: fix incorrect file->f_path.dentry->d_inode usage
(bsc#1055896).
- xfs: nowait aio support (FATE#321994).
- xgene: Always get clk source, but ignore if it's missing for SGMII ports
(bsc#1048501).
- xgene: Do not fail probe, if there is no clk resource for SGMII
interfaces (bsc#1048501).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-1017=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (noarch):
kernel-devel-4.4.85-22.1
kernel-docs-4.4.85-22.3
kernel-docs-html-4.4.85-22.3
kernel-docs-pdf-4.4.85-22.3
kernel-macros-4.4.85-22.1
kernel-source-4.4.85-22.1
kernel-source-vanilla-4.4.85-22.1
- openSUSE Leap 42.3 (x86_64):
kernel-debug-4.4.85-22.1
kernel-debug-base-4.4.85-22.1
kernel-debug-base-debuginfo-4.4.85-22.1
kernel-debug-debuginfo-4.4.85-22.1
kernel-debug-debugsource-4.4.85-22.1
kernel-debug-devel-4.4.85-22.1
kernel-debug-devel-debuginfo-4.4.85-22.1
kernel-default-4.4.85-22.1
kernel-default-base-4.4.85-22.1
kernel-default-base-debuginfo-4.4.85-22.1
kernel-default-debuginfo-4.4.85-22.1
kernel-default-debugsource-4.4.85-22.1
kernel-default-devel-4.4.85-22.1
kernel-obs-build-4.4.85-22.1
kernel-obs-build-debugsource-4.4.85-22.1
kernel-obs-qa-4.4.85-22.1
kernel-syms-4.4.85-22.1
kernel-vanilla-4.4.85-22.1
kernel-vanilla-base-4.4.85-22.1
kernel-vanilla-base-debuginfo-4.4.85-22.1
kernel-vanilla-debuginfo-4.4.85-22.1
kernel-vanilla-debugsource-4.4.85-22.1
kernel-vanilla-devel-4.4.85-22.1
References:
https://www.suse.com/security/cve/CVE-2017-12134.html
https://www.suse.com/security/cve/CVE-2017-14051.html
https://bugzilla.suse.com/1005776
https://bugzilla.suse.com/1015342
https://bugzilla.suse.com/1020645
https://bugzilla.suse.com/1020657
https://bugzilla.suse.com/1030850
https://bugzilla.suse.com/1031717
https://bugzilla.suse.com/1031784
https://bugzilla.suse.com/1034048
https://bugzilla.suse.com/1037838
https://bugzilla.suse.com/1040813
https://bugzilla.suse.com/1042847
https://bugzilla.suse.com/1047487
https://bugzilla.suse.com/1047989
https://bugzilla.suse.com/1048155
https://bugzilla.suse.com/1048228
https://bugzilla.suse.com/1048325
https://bugzilla.suse.com/1048327
https://bugzilla.suse.com/1048356
https://bugzilla.suse.com/1048501
https://bugzilla.suse.com/1048912
https://bugzilla.suse.com/1048934
https://bugzilla.suse.com/1049226
https://bugzilla.suse.com/1049272
https://bugzilla.suse.com/1049291
https://bugzilla.suse.com/1049336
https://bugzilla.suse.com/1050211
https://bugzilla.suse.com/1050742
https://bugzilla.suse.com/1051790
https://bugzilla.suse.com/1052093
https://bugzilla.suse.com/1052094
https://bugzilla.suse.com/1052095
https://bugzilla.suse.com/1052384
https://bugzilla.suse.com/1052580
https://bugzilla.suse.com/1052888
https://bugzilla.suse.com/1053117
https://bugzilla.suse.com/1053309
https://bugzilla.suse.com/1053472
https://bugzilla.suse.com/1053627
https://bugzilla.suse.com/1053629
https://bugzilla.suse.com/1053633
https://bugzilla.suse.com/1053681
https://bugzilla.suse.com/1053685
https://bugzilla.suse.com/1053802
https://bugzilla.suse.com/1053915
https://bugzilla.suse.com/1053919
https://bugzilla.suse.com/1054082
https://bugzilla.suse.com/1054084
https://bugzilla.suse.com/1055013
https://bugzilla.suse.com/1055096
https://bugzilla.suse.com/1055272
https://bugzilla.suse.com/1055290
https://bugzilla.suse.com/1055359
https://bugzilla.suse.com/1055709
https://bugzilla.suse.com/1055896
https://bugzilla.suse.com/1055935
https://bugzilla.suse.com/1055963
https://bugzilla.suse.com/1056185
https://bugzilla.suse.com/1056588
https://bugzilla.suse.com/1056827
https://bugzilla.suse.com/969756
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
[security-announce] SUSE-SU-2017:2381-1: important: Security update for gdk-pixbuf
by opensuse-security@opensuse.org 06 Sep '17
SUSE Security Update: Security update for gdk-pixbuf
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:2381-1
Rating: important
References: #1027024 #1027025 #1027026 #1048289 #1048544 #1049877
Cross-References: CVE-2017-2862 CVE-2017-2870 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Desktop 12-SP3
SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________
An update that solves 5 vulnerabilities and has one erratum
is now available.
Description:
This update for gdk-pixbuf fixes the following issues:
- CVE-2017-2862: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution
Vulnerability (bsc#1048289)
- CVE-2017-2870: tiff_image_parse Code Execution Vulnerability
(bsc#1048544)
- CVE-2017-6313: A dangerous integer underflow in io-icns.c (bsc#1027024)
- CVE-2017-6314: Infinite loop in io-tiff.c (bsc#1027025)
- CVE-2017-6312: Out-of-bounds read on io-ico.c (bsc#1027026)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP3:
zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1471=1
- SUSE Linux Enterprise Software Development Kit 12-SP2:
zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1471=1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1471=1
- SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1471=1
- SUSE Linux Enterprise Server 12-SP2:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1471=1
- SUSE Linux Enterprise Desktop 12-SP3:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1471=1
- SUSE Linux Enterprise Desktop 12-SP2:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1471=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):
gdk-pixbuf-debugsource-2.34.0-19.5.1
gdk-pixbuf-devel-2.34.0-19.5.1
gdk-pixbuf-devel-debuginfo-2.34.0-19.5.1
- SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):
gdk-pixbuf-debugsource-2.34.0-19.5.1
gdk-pixbuf-devel-2.34.0-19.5.1
gdk-pixbuf-devel-debuginfo-2.34.0-19.5.1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
gdk-pixbuf-debugsource-2.34.0-19.5.1
gdk-pixbuf-query-loaders-2.34.0-19.5.1
gdk-pixbuf-query-loaders-debuginfo-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-debuginfo-2.34.0-19.5.1
typelib-1_0-GdkPixbuf-2_0-2.34.0-19.5.1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch):
gdk-pixbuf-lang-2.34.0-19.5.1
- SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
gdk-pixbuf-debugsource-2.34.0-19.5.1
gdk-pixbuf-query-loaders-2.34.0-19.5.1
gdk-pixbuf-query-loaders-debuginfo-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-debuginfo-2.34.0-19.5.1
typelib-1_0-GdkPixbuf-2_0-2.34.0-19.5.1
- SUSE Linux Enterprise Server 12-SP3 (s390x x86_64):
gdk-pixbuf-query-loaders-32bit-2.34.0-19.5.1
gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-32bit-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-19.5.1
- SUSE Linux Enterprise Server 12-SP3 (noarch):
gdk-pixbuf-lang-2.34.0-19.5.1
- SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):
gdk-pixbuf-debugsource-2.34.0-19.5.1
gdk-pixbuf-query-loaders-2.34.0-19.5.1
gdk-pixbuf-query-loaders-debuginfo-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-debuginfo-2.34.0-19.5.1
typelib-1_0-GdkPixbuf-2_0-2.34.0-19.5.1
- SUSE Linux Enterprise Server 12-SP2 (s390x x86_64):
gdk-pixbuf-query-loaders-32bit-2.34.0-19.5.1
gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-32bit-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-19.5.1
- SUSE Linux Enterprise Server 12-SP2 (noarch):
gdk-pixbuf-lang-2.34.0-19.5.1
- SUSE Linux Enterprise Desktop 12-SP3 (x86_64):
gdk-pixbuf-debugsource-2.34.0-19.5.1
gdk-pixbuf-query-loaders-2.34.0-19.5.1
gdk-pixbuf-query-loaders-32bit-2.34.0-19.5.1
gdk-pixbuf-query-loaders-debuginfo-2.34.0-19.5.1
gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-32bit-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-debuginfo-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-19.5.1
typelib-1_0-GdkPixbuf-2_0-2.34.0-19.5.1
- SUSE Linux Enterprise Desktop 12-SP3 (noarch):
gdk-pixbuf-lang-2.34.0-19.5.1
- SUSE Linux Enterprise Desktop 12-SP2 (noarch):
gdk-pixbuf-lang-2.34.0-19.5.1
- SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
gdk-pixbuf-debugsource-2.34.0-19.5.1
gdk-pixbuf-query-loaders-2.34.0-19.5.1
gdk-pixbuf-query-loaders-32bit-2.34.0-19.5.1
gdk-pixbuf-query-loaders-debuginfo-2.34.0-19.5.1
gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-32bit-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-debuginfo-2.34.0-19.5.1
libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-19.5.1
typelib-1_0-GdkPixbuf-2_0-2.34.0-19.5.1
References:
https://www.suse.com/security/cve/CVE-2017-2862.html
https://www.suse.com/security/cve/CVE-2017-2870.html
https://www.suse.com/security/cve/CVE-2017-6312.html
https://www.suse.com/security/cve/CVE-2017-6313.html
https://www.suse.com/security/cve/CVE-2017-6314.html
https://bugzilla.suse.com/1027024
https://bugzilla.suse.com/1027025
https://bugzilla.suse.com/1027026
https://bugzilla.suse.com/1048289
https://bugzilla.suse.com/1048544
https://bugzilla.suse.com/1049877