openSUSE Security Announce March 2018

security-announce@lists.opensuse.org

1 participants
75 discussions

[security-announce] openSUSE-SU-2018:0855-1: important: Security update for memcached
by opensuse-security＠opensuse.org 30 Mar '18

30 Mar '18

openSUSE Security Update: Security update for memcached ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:0855-1 Rating: important References: #1056865 Cross-References: CVE-2017-9951 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for memcached fixes the following issues: - CVE-2017-9951: Fixed heap-based buffer over-read in try_read_command function which allowed remote attackers to cause a denial of service attack (bsc#1056865). This update was imported from the SUSE:SLE-12:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-327=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): memcached-1.4.39-11.3.1 memcached-debuginfo-1.4.39-11.3.1 memcached-debugsource-1.4.39-11.3.1 memcached-devel-1.4.39-11.3.1 References: https://www.suse.com/security/cve/CVE-2017-9951.html https://bugzilla.suse.com/1056865 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2018:0851-1: important: Security update for LibVNCServer
by opensuse-security＠opensuse.org 29 Mar '18

29 Mar '18

openSUSE Security Update: Security update for LibVNCServer ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:0851-1 Rating: important References: #1017711 #1017712 #1081493 Cross-References: CVE-2016-9941 CVE-2016-9942 CVE-2018-7225 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: LibVNCServer was updated to fix two security issues. These security issues were fixed: - CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage() (bsc#1081493). - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions (bsc#1017712). - CVE-2016-9941: Heap-based buffer overflow in rfbproto.c allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area (bsc#1017711). This update was imported from the SUSE:SLE-12:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-326=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): LibVNCServer-debugsource-0.9.9-16.3.1 LibVNCServer-devel-0.9.9-16.3.1 libvncclient0-0.9.9-16.3.1 libvncclient0-debuginfo-0.9.9-16.3.1 libvncserver0-0.9.9-16.3.1 libvncserver0-debuginfo-0.9.9-16.3.1 linuxvnc-0.9.9-16.3.1 linuxvnc-debuginfo-0.9.9-16.3.1 References: https://www.suse.com/security/cve/CVE-2016-9941.html https://www.suse.com/security/cve/CVE-2016-9942.html https://www.suse.com/security/cve/CVE-2018-7225.html https://bugzilla.suse.com/1017711 https://bugzilla.suse.com/1017712 https://bugzilla.suse.com/1081493 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2018:0848-1: important: Security update for the Linux Kernel
by opensuse-security＠opensuse.org 29 Mar '18

29 Mar '18

SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:0848-1 Rating: important References: #1010470 #1012382 #1045330 #1055755 #1062568 #1063416 #1066001 #1067118 #1068032 #1072689 #1072865 #1074488 #1075617 #1075621 #1077182 #1077560 #1077779 #1078669 #1078672 #1078673 #1078674 #1080255 #1080287 #1080464 #1080757 #1081512 #1082299 #1083244 #1083483 #1083494 #1083640 #1084323 #1085107 #1085114 #1085447 Cross-References: CVE-2016-7915 CVE-2017-12190 CVE-2017-13166 CVE-2017-15299 CVE-2017-16644 CVE-2017-16911 CVE-2017-16912 CVE-2017-16913 CVE-2017-16914 CVE-2017-18017 CVE-2017-18204 CVE-2017-18208 CVE-2017-18221 CVE-2018-1066 CVE-2018-1068 CVE-2018-5332 CVE-2018-5333 CVE-2018-6927 CVE-2018-7566 Affected Products: SUSE OpenStack Cloud 6 SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that solves 19 vulnerabilities and has 16 fixes is now available. Description: The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-1068: Fixed flaw in the implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bnc#1085107). - CVE-2017-18221: The __munlock_pagevec function allowed local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls (bnc#1084323). - CVE-2018-1066: Prevent NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allowed an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response was mishandled during session recovery (bnc#1083640). - CVE-2017-13166: Prevent elevation of privilege vulnerability in the kernel v4l2 video driver (bnc#1072865). - CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose kernel memory addresses. Successful exploitation required that a USB device was attached over IP (bnc#1078674). - CVE-2017-15299: The KEYS subsystem mishandled use of add_key for a key that already exists but is uninstantiated, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call (bnc#1063416). - CVE-2017-18208: The madvise_willneed function kernel allowed local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping (bnc#1083494). - CVE-2018-7566: The ALSA sequencer core initializes the event pool on demand by invoking snd_seq_pool_init() when the first write happens and the pool is empty. A user could have reset the pool size manually via ioctl concurrently, which may have lead UAF or out-of-bound access (bsc#1083483). - CVE-2017-18204: The ocfs2_setattr function allowed local users to cause a denial of service (deadlock) via DIO requests (bnc#1083244). - CVE-2017-16644: The hdpvr_probe function allowed local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067118). - CVE-2018-6927: The futex_requeue function allowed attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value (bnc#1080757). - CVE-2017-16914: The "stub_send_ret_submit()" function allowed attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet (bnc#1078669). - CVE-2016-7915: The hid_input_field function allowed physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device (bnc#1010470). - CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions did unbalanced refcounting when a SCSI I/O vector had small consecutive buffers belonging to the same page. The bio_add_pc_page function merged them into one, but the page reference was never dropped. This caused a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition (bnc#1062568). - CVE-2017-16912: The "get_pipe()" function allowed attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet (bnc#1078673). - CVE-2017-16913: The "stub_recv_cmd_submit()" function when handling CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet (bnc#1078672). - CVE-2018-5332: The rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621). - CVE-2018-5333: The rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617). - CVE-2017-18017: The tcpmss_mangle_packet function allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488). The following non-security bugs were fixed: - KEYS: do not let add_key() update an uninstantiated key (bnc#1063416). - KEYS: fix writing past end of user-supplied buffer in keyring_read() (bsc#1066001). - KEYS: return full count in keyring_read() if buffer is too small (bsc#1066001). - NFS: Add a cond_resched() to nfs_commit_release_pages() (bsc#1077779). - btrfs: qgroup: move noisy underflow warning to debugging build (bsc#1055755 and bsc#1080287). - ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689). - ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689). - ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689). - x86/kaiser: use trampoline stack for kernel entry (bsc#1077560) - leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464). - livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c. Shadow variables support (bsc#1082299). - livepatch: introduce shadow variable API. Shadow variables support (bsc#1082299) - media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382). - media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382). - media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382). - media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382). - media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382). - media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382). - media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382). - media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (bnc#1012382). - media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (bnc#1012382). - media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382). - netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107). - netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107). - packet: only call dev_add_pack() on freshly allocated fanout instances - pipe: cap initial pipe capacity according to pipe-max-size limit (bsc#1045330). - powerpc/64s: Improve RFI L1-D cache flush fallback (bsc#1068032, bsc#1077182). - powerpc/numa: Invalidate numa_cpu_lookup_table on cpu remove (bsc#1081512). - powerpc/powernv: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182). - powerpc/powernv: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182). - powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182). - powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182). - rfi-flush: Move the logic to avoid a redo into the debugfs code (bsc#1068032, bsc#1077182). - rfi-flush: Switch to new linear fallback flush (bsc#1068032, bsc#1077182). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2018-568=1 - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-568=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-568=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2018-568=1 Package List: - SUSE OpenStack Cloud 6 (x86_64): kernel-default-3.12.74-60.64.85.1 kernel-default-base-3.12.74-60.64.85.1 kernel-default-base-debuginfo-3.12.74-60.64.85.1 kernel-default-debuginfo-3.12.74-60.64.85.1 kernel-default-debugsource-3.12.74-60.64.85.1 kernel-default-devel-3.12.74-60.64.85.1 kernel-syms-3.12.74-60.64.85.1 kernel-xen-3.12.74-60.64.85.1 kernel-xen-base-3.12.74-60.64.85.1 kernel-xen-base-debuginfo-3.12.74-60.64.85.1 kernel-xen-debuginfo-3.12.74-60.64.85.1 kernel-xen-debugsource-3.12.74-60.64.85.1 kernel-xen-devel-3.12.74-60.64.85.1 kgraft-patch-3_12_74-60_64_85-default-1-2.3.1 kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1 - SUSE OpenStack Cloud 6 (noarch): kernel-devel-3.12.74-60.64.85.1 kernel-macros-3.12.74-60.64.85.1 kernel-source-3.12.74-60.64.85.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64): kernel-default-3.12.74-60.64.85.1 kernel-default-base-3.12.74-60.64.85.1 kernel-default-base-debuginfo-3.12.74-60.64.85.1 kernel-default-debuginfo-3.12.74-60.64.85.1 kernel-default-debugsource-3.12.74-60.64.85.1 kernel-default-devel-3.12.74-60.64.85.1 kernel-syms-3.12.74-60.64.85.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): kernel-xen-3.12.74-60.64.85.1 kernel-xen-base-3.12.74-60.64.85.1 kernel-xen-base-debuginfo-3.12.74-60.64.85.1 kernel-xen-debuginfo-3.12.74-60.64.85.1 kernel-xen-debugsource-3.12.74-60.64.85.1 kernel-xen-devel-3.12.74-60.64.85.1 kgraft-patch-3_12_74-60_64_85-default-1-2.3.1 kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (noarch): kernel-devel-3.12.74-60.64.85.1 kernel-macros-3.12.74-60.64.85.1 kernel-source-3.12.74-60.64.85.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): kernel-default-3.12.74-60.64.85.1 kernel-default-base-3.12.74-60.64.85.1 kernel-default-base-debuginfo-3.12.74-60.64.85.1 kernel-default-debuginfo-3.12.74-60.64.85.1 kernel-default-debugsource-3.12.74-60.64.85.1 kernel-default-devel-3.12.74-60.64.85.1 kernel-syms-3.12.74-60.64.85.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): kernel-xen-3.12.74-60.64.85.1 kernel-xen-base-3.12.74-60.64.85.1 kernel-xen-base-debuginfo-3.12.74-60.64.85.1 kernel-xen-debuginfo-3.12.74-60.64.85.1 kernel-xen-debugsource-3.12.74-60.64.85.1 kernel-xen-devel-3.12.74-60.64.85.1 kgraft-patch-3_12_74-60_64_85-default-1-2.3.1 kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (noarch): kernel-devel-3.12.74-60.64.85.1 kernel-macros-3.12.74-60.64.85.1 kernel-source-3.12.74-60.64.85.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (s390x): kernel-default-man-3.12.74-60.64.85.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.74-60.64.85.1 kernel-ec2-debuginfo-3.12.74-60.64.85.1 kernel-ec2-debugsource-3.12.74-60.64.85.1 kernel-ec2-devel-3.12.74-60.64.85.1 kernel-ec2-extra-3.12.74-60.64.85.1 kernel-ec2-extra-debuginfo-3.12.74-60.64.85.1 References: https://www.suse.com/security/cve/CVE-2016-7915.html https://www.suse.com/security/cve/CVE-2017-12190.html https://www.suse.com/security/cve/CVE-2017-13166.html https://www.suse.com/security/cve/CVE-2017-15299.html https://www.suse.com/security/cve/CVE-2017-16644.html https://www.suse.com/security/cve/CVE-2017-16911.html https://www.suse.com/security/cve/CVE-2017-16912.html https://www.suse.com/security/cve/CVE-2017-16913.html https://www.suse.com/security/cve/CVE-2017-16914.html https://www.suse.com/security/cve/CVE-2017-18017.html https://www.suse.com/security/cve/CVE-2017-18204.html https://www.suse.com/security/cve/CVE-2017-18208.html https://www.suse.com/security/cve/CVE-2017-18221.html https://www.suse.com/security/cve/CVE-2018-1066.html https://www.suse.com/security/cve/CVE-2018-1068.html https://www.suse.com/security/cve/CVE-2018-5332.html https://www.suse.com/security/cve/CVE-2018-5333.html https://www.suse.com/security/cve/CVE-2018-6927.html https://www.suse.com/security/cve/CVE-2018-7566.html https://bugzilla.suse.com/1010470 https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1045330 https://bugzilla.suse.com/1055755 https://bugzilla.suse.com/1062568 https://bugzilla.suse.com/1063416 https://bugzilla.suse.com/1066001 https://bugzilla.suse.com/1067118 https://bugzilla.suse.com/1068032 https://bugzilla.suse.com/1072689 https://bugzilla.suse.com/1072865 https://bugzilla.suse.com/1074488 https://bugzilla.suse.com/1075617 https://bugzilla.suse.com/1075621 https://bugzilla.suse.com/1077182 https://bugzilla.suse.com/1077560 https://bugzilla.suse.com/1077779 https://bugzilla.suse.com/1078669 https://bugzilla.suse.com/1078672 https://bugzilla.suse.com/1078673 https://bugzilla.suse.com/1078674 https://bugzilla.suse.com/1080255 https://bugzilla.suse.com/1080287 https://bugzilla.suse.com/1080464 https://bugzilla.suse.com/1080757 https://bugzilla.suse.com/1081512 https://bugzilla.suse.com/1082299 https://bugzilla.suse.com/1083244 https://bugzilla.suse.com/1083483 https://bugzilla.suse.com/1083494 https://bugzilla.suse.com/1083640 https://bugzilla.suse.com/1084323 https://bugzilla.suse.com/1085107 https://bugzilla.suse.com/1085114 https://bugzilla.suse.com/1085447 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2018:0844-1: important: Security update for python-paramiko
by opensuse-security＠opensuse.org 29 Mar '18

29 Mar '18

SUSE Security Update: Security update for python-paramiko ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:0844-1 Rating: important References: #1085276 Cross-References: CVE-2018-7750 Affected Products: SUSE OpenStack Cloud 7 SUSE Enterprise Storage 4 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-paramiko fixes the following issues: - CVE-2018-7750: Fixed transport.py in the SSH server implementation of Paramiko that does not properly check whether authentication is completed before processing other requests (bsc#1085276). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2018-566=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2018-566=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-566=1 Package List: - SUSE OpenStack Cloud 7 (noarch): python-paramiko-2.0.8-3.3.1 - SUSE Enterprise Storage 4 (noarch): python-paramiko-2.0.8-3.3.1 - OpenStack Cloud Magnum Orchestration 7 (noarch): python-paramiko-2.0.8-3.3.1 References: https://www.suse.com/security/cve/CVE-2018-7750.html https://bugzilla.suse.com/1085276 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2018:0841-1: important: Security update for the Linux Kernel
by opensuse-security＠opensuse.org 29 Mar '18

29 Mar '18

SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:0841-1 Rating: important References: #1012382 #1045538 #1048585 #1049128 #1050431 #1054305 #1059174 #1060279 #1060682 #1063544 #1064861 #1068032 #1068984 #1069508 #1070623 #1070781 #1073311 #1074488 #1074621 #1074880 #1075088 #1075091 #1075410 #1075617 #1075621 #1075908 #1075994 #1076017 #1076154 #1076278 #1076437 #1076849 #1077191 #1077355 #1077406 #1077487 #1077560 #1077922 #1078875 #1079917 #1080133 #1080359 #1080363 #1080372 #1080579 #1080685 #1080774 #1081500 #936530 #962257 Cross-References: CVE-2015-1142857 CVE-2017-13215 CVE-2017-17741 CVE-2017-18017 CVE-2017-18079 CVE-2017-5715 CVE-2018-1000004 CVE-2018-5332 CVE-2018-5333 Affected Products: SUSE Linux Enterprise Real Time Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 9 vulnerabilities and has 41 fixes is now available. Description: The SUSE Linux Enterprise 11 SP4 Realtime kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032). The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka "retpolines". - CVE-2015-1142857: On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver, i40e/i40evf driver and the DPDK, additionally multiple vendor NIC firmware is affected (bnc#1077355). - CVE-2017-13215: A elevation of privilege vulnerability in the Upstream kernel skcipher. (bnc#1075908). - CVE-2017-17741: The KVM implementation in the Linux kernel allowed attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h (bnc#1073311). - CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488). - CVE-2017-18079: drivers/input/serio/i8042.c in the Linux kernel allowed attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated (bnc#1077922). - CVE-2018-1000004: In the Linux kernel a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition (bnc#1076017). - CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621). - CVE-2018-5333: In the Linux kernel rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617). The following non-security bugs were fixed: - Add proper NX hadnling for !NX-capable systems also to kaiser_add_user_map(). (bsc#1076278). - alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1045538). - alsa: aloop: Fix racy hw constraints adjustment (bsc#1045538). - alsa: aloop: Release cable upon open error path (bsc#1045538). - alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1045538). - alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1045538). - alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1045538). - alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1045538). - alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1045538). - btrfs: cleanup unnecessary assignment when cleaning up all the residual transaction (FATE#325056). - btrfs: copy fsid to super_block s_uuid (bsc#1080774). - btrfs: do not wait for all the writers circularly during the transaction commit (FATE#325056). - btrfs: do not WARN() in btrfs_transaction_abort() for IO errors (bsc#1080363). - btrfs: fix two use-after-free bugs with transaction cleanup (FATE#325056). - btrfs: make the state of the transaction more readable (FATE#325056). - btrfs: qgroup: exit the rescan worker during umount (bsc#1080685). - btrfs: qgroup: Fix dead judgement on qgroup_rescan_leaf() return value (bsc#1080685). - btrfs: reset intwrite on transaction abort (FATE#325056). - btrfs: set qgroup_ulist to be null after calling ulist_free() (bsc#1080359). - btrfs: stop waiting on current trans if we aborted (FATE#325056). - cdc-acm: apply quirk for card reader (bsc#1060279). - cdrom: factor out common open_for_* code (bsc#1048585). - cdrom: wait for tray to close (bsc#1048585). - delay: add poll_event_interruptible (bsc#1048585). - dm flakey: add corrupt_bio_byte feature (bsc#1080372). - dm flakey: add drop_writes (bsc#1080372). - dm flakey: error READ bios during the down_interval (bsc#1080372). - dm flakey: fix crash on read when corrupt_bio_byte not set (bsc#1080372). - dm flakey: fix reads to be issued if drop_writes configured (bsc#1080372). - dm flakey: introduce "error_writes" feature (bsc#1080372). - dm flakey: support feature args (bsc#1080372). - dm flakey: use dm_target_offset and support discards (bsc#1080372). - ext2: free memory allocated and forget buffer head when io error happens (bnc#1069508). - ext2: use unlikely to improve the efficiency of the kernel (bnc#1069508). - ext3: add necessary check in case IO error happens (bnc#1069508). - ext3: use unlikely to improve the efficiency of the kernel (bnc#1069508). - fork: clear thread stack upon allocation (bsc#1077560). - kabi/severities ignore Cell-specific symbols - kaiser: do not clobber ZF by calling ENABLE_IBRS after test and before jz - kaiser: fix ia32 compat sysexit (bsc#1080579) sysexit_from_sys_call cannot make assumption of accessible stack after CR3 switch, and therefore should use the SWITCH_USER_CR3_NO_STACK method to flip the pagetable hierarchy. - kaiser: Fix trampoline stack loading issue on XEN PV - kaiser: handle non-accessible stack in sysretl_from_sys_call properly (bsc#bsc#1080579) - kaiser: make sure not to touch stack after CR3 switch in compat syscall return - kaiser: really do switch away from trampoline stack to kernel stack in ia32_syscall entry (bsc#1080579) - kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032). - keys: trusted: fix writing past end of buffer in trusted_read() (bsc#1074880). - media: omap_vout: Fix a possible null pointer dereference in omap_vout_open() (bsc#1050431). - mISDN: fix a loop count (bsc#1077191). - mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1081500). - nfsd: do not share group_info among threads (bsc@1070623). - ocfs2: avoid blocking in ocfs2_mark_lockres_freeing() in downconvert thread (bsc#1076437). - ocfs2: do not set OCFS2_LOCK_UPCONVERT_FINISHING if nonblocking lock can not be granted at once (bsc#1076437). - ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock (bsc#962257). - powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075088). - powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075088). - powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075088). - powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075088). - powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1075088). - powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075088). - powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075088). - powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075088). - powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075088). - powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032). - powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075088). - powerpc: Fix register clobbering when accumulating stolen time (bsc#1059174). - powerpc: Fix up the kdump base cap to 128M (bsc#1079917, bsc#1077487). - powerpc: Mark CONFIG_PPC_DEBUG_RFI as BROKEN (bsc#1075088). - powerpc/perf: Dereference BHRB entries safely (bsc#1064861, FATE#317619, git-fixes). - powerpc/perf: Fix book3s kernel to userspace backtraces (bsc#1080133). - powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper (bsc#1068032, bsc#1075088). - powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075088). - powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075088). - powerpc/pseries: Kill all prefetch streams on context switch (bsc#1068032, bsc#1075088). - powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1075088). - powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075088). - powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1075088). - powerpc/pseries/rfi-flush: Drop PVR-based selection (bsc#1075088). - powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075088). - powerpc/rfi-flush: Factor out init_fallback_flush() (bsc#1075088). - powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1075088). - powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075088). - powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075088). - powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1075088). - powerpc/vdso64: Use double word compare on pointers (bsc#1070781). - rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075088). - rfi-flush: Move rfi_flush_fallback_area to end of paca (bsc#1075088). - rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1075088). - rfi-flush: Switch to new linear fallback flush (bsc#1068032, bsc#1075088). - s390: add ppa to the idle loop (bnc#1077406, LTC#163910). - s390/cpuinfo: show facilities as reported by stfle (bnc#1076849, LTC#163741). - scsi: libiscsi: fix shifting of DID_REQUEUE host byte (bsc#1078875). - scsi: sr: wait for the medium to become ready (bsc#1048585). - scsi: virtio_scsi: let host do exception handling (bsc#936530,bsc#1060682). - storvsc: do not assume SG list is continuous when doing bounce buffers (bsc#1075410). - sysfs/cpu: Add vulnerability folder (bnc#1012382). - sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382). - sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091). - Update config files: enable CPU vulnerabilities reporting via sysfs - x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984). - x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984). - x86/boot: Fix early command-line parsing when matching at end (bsc#1068032). - x86/cpu: Factor out application of forced CPU caps (bsc#1075994 bsc#1075091). - x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382). - x86/CPU: Sync CPU feature flags late (bsc#1075994 bsc#1075091). - x86/kaiser: Populate shadow PGD with NX bit only if supported by platform (bsc#1076154 bsc#1076278). - x86/kaiser: use trampoline stack for kernel entry. - x86/microcode/intel: Extend BDW late-loading further with LLC size check (bsc#1054305). - x86/microcode/intel: Extend BDW late-loading with a revision check (bsc#1054305). - x86/microcode: Rescan feature flags upon late loading (bsc#1075994 bsc#1075091). - x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032). - x86/spec_ctrl: handle late setting of X86_FEATURE_SPEC_CTRL properly (bsc#1075994 bsc#1075091). - x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091). - x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 11-SP4: zypper in -t patch slertesp4-kernel-rt-20180209-13539=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-rt-20180209-13539=1 Package List: - SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64): kernel-rt-3.0.101.rt130-69.21.1 kernel-rt-base-3.0.101.rt130-69.21.1 kernel-rt-devel-3.0.101.rt130-69.21.1 kernel-rt_trace-3.0.101.rt130-69.21.1 kernel-rt_trace-base-3.0.101.rt130-69.21.1 kernel-rt_trace-devel-3.0.101.rt130-69.21.1 kernel-source-rt-3.0.101.rt130-69.21.1 kernel-syms-rt-3.0.101.rt130-69.21.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64): kernel-rt-debuginfo-3.0.101.rt130-69.21.1 kernel-rt-debugsource-3.0.101.rt130-69.21.1 kernel-rt_debug-debuginfo-3.0.101.rt130-69.21.1 kernel-rt_debug-debugsource-3.0.101.rt130-69.21.1 kernel-rt_trace-debuginfo-3.0.101.rt130-69.21.1 kernel-rt_trace-debugsource-3.0.101.rt130-69.21.1 References: https://www.suse.com/security/cve/CVE-2015-1142857.html https://www.suse.com/security/cve/CVE-2017-13215.html https://www.suse.com/security/cve/CVE-2017-17741.html https://www.suse.com/security/cve/CVE-2017-18017.html https://www.suse.com/security/cve/CVE-2017-18079.html https://www.suse.com/security/cve/CVE-2017-5715.html https://www.suse.com/security/cve/CVE-2018-1000004.html https://www.suse.com/security/cve/CVE-2018-5332.html https://www.suse.com/security/cve/CVE-2018-5333.html https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1045538 https://bugzilla.suse.com/1048585 https://bugzilla.suse.com/1049128 https://bugzilla.suse.com/1050431 https://bugzilla.suse.com/1054305 https://bugzilla.suse.com/1059174 https://bugzilla.suse.com/1060279 https://bugzilla.suse.com/1060682 https://bugzilla.suse.com/1063544 https://bugzilla.suse.com/1064861 https://bugzilla.suse.com/1068032 https://bugzilla.suse.com/1068984 https://bugzilla.suse.com/1069508 https://bugzilla.suse.com/1070623 https://bugzilla.suse.com/1070781 https://bugzilla.suse.com/1073311 https://bugzilla.suse.com/1074488 https://bugzilla.suse.com/1074621 https://bugzilla.suse.com/1074880 https://bugzilla.suse.com/1075088 https://bugzilla.suse.com/1075091 https://bugzilla.suse.com/1075410 https://bugzilla.suse.com/1075617 https://bugzilla.suse.com/1075621 https://bugzilla.suse.com/1075908 https://bugzilla.suse.com/1075994 https://bugzilla.suse.com/1076017 https://bugzilla.suse.com/1076154 https://bugzilla.suse.com/1076278 https://bugzilla.suse.com/1076437 https://bugzilla.suse.com/1076849 https://bugzilla.suse.com/1077191 https://bugzilla.suse.com/1077355 https://bugzilla.suse.com/1077406 https://bugzilla.suse.com/1077487 https://bugzilla.suse.com/1077560 https://bugzilla.suse.com/1077922 https://bugzilla.suse.com/1078875 https://bugzilla.suse.com/1079917 https://bugzilla.suse.com/1080133 https://bugzilla.suse.com/1080359 https://bugzilla.suse.com/1080363 https://bugzilla.suse.com/1080372 https://bugzilla.suse.com/1080579 https://bugzilla.suse.com/1080685 https://bugzilla.suse.com/1080774 https://bugzilla.suse.com/1081500 https://bugzilla.suse.com/936530 https://bugzilla.suse.com/962257 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2018:0839-1: important: Security update for memcached
by opensuse-security＠opensuse.org 29 Mar '18

29 Mar '18

SUSE Security Update: Security update for memcached ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:0839-1 Rating: important References: #1056865 Cross-References: CVE-2017-9951 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for memcached fixes the following issues: - CVE-2017-9951: Fixed heap-based buffer over-read in try_read_command function which allowed remote attackers to cause a denial of service attack (bsc#1056865). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2018-562=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2018-562=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-562=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-562=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): memcached-debuginfo-1.4.39-4.3.1 memcached-debugsource-1.4.39-4.3.1 memcached-devel-1.4.39-4.3.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): memcached-1.4.39-4.3.1 memcached-debuginfo-1.4.39-4.3.1 memcached-debugsource-1.4.39-4.3.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): memcached-1.4.39-4.3.1 memcached-debuginfo-1.4.39-4.3.1 memcached-debugsource-1.4.39-4.3.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64): memcached-1.4.39-4.3.1 memcached-debuginfo-1.4.39-4.3.1 memcached-debugsource-1.4.39-4.3.1 References: https://www.suse.com/security/cve/CVE-2017-9951.html https://bugzilla.suse.com/1056865 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2018:0838-1: important: Security update for libvirt
by opensuse-security＠opensuse.org 29 Mar '18

29 Mar '18

SUSE Security Update: Security update for libvirt ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:0838-1 Rating: important References: #1055365 #1076500 #1079869 #1083061 #1083625 Cross-References: CVE-2017-5715 CVE-2018-1064 CVE-2018-5748 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves three vulnerabilities and has two fixes is now available. Description: This update for libvirt fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka "SpectreAttack" (var2) (bsc#1079869). - CVE-2018-1064: Fixed denial of service when reading from guest agent (bsc#1083625). - CVE-2018-5748: Fixed possible denial of service when reading from QEMU monitor (bsc#1076500). Non-security issues fixed: - bsc#1083061: Fixed 'dumpxml --migratable' exports domain id in output on SLES11 SP4. - bsc#1055365: Improve performance when listing hundreds of interfaces. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libvirt-13538=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libvirt-13538=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libvirt-13538=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libvirt-devel-1.2.5-23.6.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (x86_64): libvirt-devel-32bit-1.2.5-23.6.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libvirt-1.2.5-23.6.1 libvirt-client-1.2.5-23.6.1 libvirt-doc-1.2.5-23.6.1 libvirt-lock-sanlock-1.2.5-23.6.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libvirt-client-32bit-1.2.5-23.6.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libvirt-debuginfo-1.2.5-23.6.1 libvirt-debugsource-1.2.5-23.6.1 References: https://www.suse.com/security/cve/CVE-2017-5715.html https://www.suse.com/security/cve/CVE-2018-1064.html https://www.suse.com/security/cve/CVE-2018-5748.html https://bugzilla.suse.com/1055365 https://bugzilla.suse.com/1076500 https://bugzilla.suse.com/1079869 https://bugzilla.suse.com/1083061 https://bugzilla.suse.com/1083625 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2018:0834-1: important: Security update for the Linux Kernel
by opensuse-security＠opensuse.org 28 Mar '18

28 Mar '18

SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:0834-1 Rating: important References: #1010470 #1012382 #1045330 #1062568 #1063416 #1066001 #1067118 #1068032 #1072689 #1072865 #1074488 #1075617 #1075621 #1077560 #1078669 #1078672 #1078673 #1078674 #1080255 #1080464 #1080757 #1082299 #1083244 #1083483 #1083494 #1083640 #1084323 #1085107 #1085114 #1085279 #1085447 Cross-References: CVE-2016-7915 CVE-2017-12190 CVE-2017-13166 CVE-2017-15299 CVE-2017-16644 CVE-2017-16911 CVE-2017-16912 CVE-2017-16913 CVE-2017-16914 CVE-2017-18017 CVE-2017-18204 CVE-2017-18208 CVE-2017-18221 CVE-2018-1066 CVE-2018-1068 CVE-2018-5332 CVE-2018-5333 CVE-2018-6927 CVE-2018-7566 Affected Products: SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that solves 19 vulnerabilities and has 12 fixes is now available. Description: The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-1068: Fixed flaw in the implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bnc#1085107). - CVE-2017-18221: The __munlock_pagevec function allowed local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls (bnc#1084323). - CVE-2018-1066: Prevent NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allowed an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response was mishandled during session recovery (bnc#1083640). - CVE-2017-13166: Prevent elevation of privilege vulnerability in the kernel v4l2 video driver (bnc#1072865). - CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose kernel memory addresses. Successful exploitation required that a USB device was attached over IP (bnc#1078674). - CVE-2017-15299: The KEYS subsystem mishandled use of add_key for a key that already exists but is uninstantiated, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call (bnc#1063416). - CVE-2017-18208: The madvise_willneed function kernel allowed local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping (bnc#1083494). - CVE-2018-7566: The ALSA sequencer core initializes the event pool on demand by invoking snd_seq_pool_init() when the first write happens and the pool is empty. A user could have reset the pool size manually via ioctl concurrently, which may have lead UAF or out-of-bound access (bsc#1083483). - CVE-2017-18204: The ocfs2_setattr function allowed local users to cause a denial of service (deadlock) via DIO requests (bnc#1083244). - CVE-2017-16644: The hdpvr_probe function allowed local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067118). - CVE-2018-6927: The futex_requeue function allowed attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value (bnc#1080757). - CVE-2017-16914: The "stub_send_ret_submit()" function allowed attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet (bnc#1078669). - CVE-2016-7915: The hid_input_field function allowed physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device (bnc#1010470). - CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions did unbalanced refcounting when a SCSI I/O vector had small consecutive buffers belonging to the same page. The bio_add_pc_page function merged them into one, but the page reference was never dropped. This caused a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition (bnc#1062568). - CVE-2017-16912: The "get_pipe()" function allowed attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet (bnc#1078673). - CVE-2017-16913: The "stub_recv_cmd_submit()" function when handling CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet (bnc#1078672). - CVE-2018-5332: The rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621). - CVE-2018-5333: The rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617). - CVE-2017-18017: The tcpmss_mangle_packet function allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488). The following non-security bugs were fixed: - Fix build on arm64 by defining empty gmb() (bnc#1068032). - KEYS: do not let add_key() update an uninstantiated key (bnc#1063416). - KEYS: fix writing past end of user-supplied buffer in keyring_read() (bsc#1066001). - KEYS: return full count in keyring_read() if buffer is too small (bsc#1066001). - include/stddef.h: Move offsetofend() from vfio.h to a generic kernel header (bsc#1077560). - ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689). - ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689). - ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689). - x86/kaiser: use trampoline stack for kernel entry (bsc#1077560) - leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464). - livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c. Shadow variables support (bsc#1082299). - livepatch: introduce shadow variable API. Shadow variables support (bsc#1082299) - media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382). - media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382). - media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382). - media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382). - media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382). - media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382). - media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382). - media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (bnc#1012382). - media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (bnc#1012382). - media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382). - netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107). - netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107). - packet: only call dev_add_pack() on freshly allocated fanout instances - pipe: cap initial pipe capacity according to pipe-max-size limit (bsc#1045330). - x86/espfix: Fix return stack in do_double_fault() (bsc#1085279). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2018-558=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2018-558=1 Package List: - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): kernel-default-3.12.61-52.125.1 kernel-default-base-3.12.61-52.125.1 kernel-default-base-debuginfo-3.12.61-52.125.1 kernel-default-debuginfo-3.12.61-52.125.1 kernel-default-debugsource-3.12.61-52.125.1 kernel-default-devel-3.12.61-52.125.1 kernel-syms-3.12.61-52.125.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kernel-xen-3.12.61-52.125.1 kernel-xen-base-3.12.61-52.125.1 kernel-xen-base-debuginfo-3.12.61-52.125.1 kernel-xen-debuginfo-3.12.61-52.125.1 kernel-xen-debugsource-3.12.61-52.125.1 kernel-xen-devel-3.12.61-52.125.1 kgraft-patch-3_12_61-52_125-default-1-1.3.1 kgraft-patch-3_12_61-52_125-xen-1-1.3.1 - SUSE Linux Enterprise Server 12-LTSS (noarch): kernel-devel-3.12.61-52.125.1 kernel-macros-3.12.61-52.125.1 kernel-source-3.12.61-52.125.1 - SUSE Linux Enterprise Server 12-LTSS (s390x): kernel-default-man-3.12.61-52.125.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.61-52.125.1 kernel-ec2-debuginfo-3.12.61-52.125.1 kernel-ec2-debugsource-3.12.61-52.125.1 kernel-ec2-devel-3.12.61-52.125.1 kernel-ec2-extra-3.12.61-52.125.1 kernel-ec2-extra-debuginfo-3.12.61-52.125.1 References: https://www.suse.com/security/cve/CVE-2016-7915.html https://www.suse.com/security/cve/CVE-2017-12190.html https://www.suse.com/security/cve/CVE-2017-13166.html https://www.suse.com/security/cve/CVE-2017-15299.html https://www.suse.com/security/cve/CVE-2017-16644.html https://www.suse.com/security/cve/CVE-2017-16911.html https://www.suse.com/security/cve/CVE-2017-16912.html https://www.suse.com/security/cve/CVE-2017-16913.html https://www.suse.com/security/cve/CVE-2017-16914.html https://www.suse.com/security/cve/CVE-2017-18017.html https://www.suse.com/security/cve/CVE-2017-18204.html https://www.suse.com/security/cve/CVE-2017-18208.html https://www.suse.com/security/cve/CVE-2017-18221.html https://www.suse.com/security/cve/CVE-2018-1066.html https://www.suse.com/security/cve/CVE-2018-1068.html https://www.suse.com/security/cve/CVE-2018-5332.html https://www.suse.com/security/cve/CVE-2018-5333.html https://www.suse.com/security/cve/CVE-2018-6927.html https://www.suse.com/security/cve/CVE-2018-7566.html https://bugzilla.suse.com/1010470 https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1045330 https://bugzilla.suse.com/1062568 https://bugzilla.suse.com/1063416 https://bugzilla.suse.com/1066001 https://bugzilla.suse.com/1067118 https://bugzilla.suse.com/1068032 https://bugzilla.suse.com/1072689 https://bugzilla.suse.com/1072865 https://bugzilla.suse.com/1074488 https://bugzilla.suse.com/1075617 https://bugzilla.suse.com/1075621 https://bugzilla.suse.com/1077560 https://bugzilla.suse.com/1078669 https://bugzilla.suse.com/1078672 https://bugzilla.suse.com/1078673 https://bugzilla.suse.com/1078674 https://bugzilla.suse.com/1080255 https://bugzilla.suse.com/1080464 https://bugzilla.suse.com/1080757 https://bugzilla.suse.com/1082299 https://bugzilla.suse.com/1083244 https://bugzilla.suse.com/1083483 https://bugzilla.suse.com/1083494 https://bugzilla.suse.com/1083640 https://bugzilla.suse.com/1084323 https://bugzilla.suse.com/1085107 https://bugzilla.suse.com/1085114 https://bugzilla.suse.com/1085279 https://bugzilla.suse.com/1085447 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2018:0831-1: important: Security update for qemu
by opensuse-security＠opensuse.org 27 Mar '18

27 Mar '18

SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:0831-1 Rating: important References: #1040202 #1068032 #1068613 #1070144 #1071228 #1073489 #1076114 #1076179 #1076775 #1076814 #1082276 #1083291 #1085598 Cross-References: CVE-2017-15119 CVE-2017-15124 CVE-2017-16845 CVE-2017-17381 CVE-2017-18030 CVE-2017-18043 CVE-2017-5715 CVE-2018-5683 CVE-2018-7550 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that solves 9 vulnerabilities and has four fixes is now available. Description: This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. (CVE-2017-5715 bsc#1068032) The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl feature for all x86 vcpu types, which was the quick and dirty approach, but not the proper solution. We replaced our initial patch by the patches from upstream. This update defines spec_ctrl and ibpb cpu feature flags as well as new cpu models which are clones of existing models with either -IBRS or -IBPB added to the end of the model name. These new vcpu models explicitly include the new feature(s), whereas the feature flags can be added to the cpu parameter as with other features. In short, for continued Spectre v2 protection, ensure that either the appropriate cpu feature flag is added to the QEMU command-line, or one of the new cpu models is used. Although migration from older versions is supported, the new cpu features won't be properly exposed to the guest until it is restarted with the cpu features explicitly added. A reboot is insufficient. A warning patch is added which attempts to detect a migration from a qemu version which had the quick and dirty fix (it only detects certain cases, but hopefully is helpful.) For additional information on Spectre v2 as it relates to QEMU, see: https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/ A patch is added to continue to detect Spectre v2 mitigation features (as shown by cpuid), and if found provide that feature to guests, even if running on older KVM (kernel) versions which do not yet expose that feature to QEMU. (bsc#1082276) These two patches will be removed when we can reasonably assume everyone is running with the appropriate updates. Also security fixes for the following CVE issues are included: - CVE-2017-15119: The Network Block Device (NBD) server in Quick Emulator (QEMU), was vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from serving other requests, resulting in DoS. (bsc#1070144) - CVE-2017-15124: VNC server implementation in Quick Emulator (QEMU) was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host. (bsc#1073489) - CVE-2017-16845: The PS2 driver in Qemu did not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access. (bsc#1068613) - CVE-2017-17381: The Virtio Vring implementation in QEMU allowed local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings. (bsc#1071228) - CVE-2017-18030: A problem in the Cirrus driver in Qemu allowed local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch. (bsc#1076179) - CVE-2017-18043: Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allowed a user to cause a denial of service (Qemu process crash). (bsc#1076775) - CVE-2018-5683: The VGA driver in Qemu allowed local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. (bsc#1076114) - CVE-2018-7550: The multiboot functionality in Quick Emulator (aka QEMU) allowed local guest OS users to execute arbitrary code on the QEMU host via an out-of-bounds read or write memory access. (bsc#1083291) Also the following bugs were fixed: - Eliminate bogus use of CPUID_7_0_EDX_PRED_CMD which we've carried since the initial Spectre v2 patch was added. EDX bit 27 of CPUID Leaf 07H, Sub-leaf 0 provides status on STIBP, and not the PRED_CMD MSR. Exposing the STIBP CPUID feature bit to the guest is wrong in general, since the VM doesn't directly control the scheduling of physical hyperthreads. This is left strictly to the L0 hypervisor. - Spectre fixes for IBM Z series by providing more hw features to guests (bsc#1076814) - Pre-add group kvm for qemu-tools (bsc#1040202) - the qemu-tools package also needs a prerequire of group management tools, from the shadow package. (bsc#1085598) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2018-555=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-555=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2018-555=1 Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): qemu-2.6.2-41.37.1 qemu-arm-2.6.2-41.37.1 qemu-arm-debuginfo-2.6.2-41.37.1 qemu-block-curl-2.6.2-41.37.1 qemu-block-curl-debuginfo-2.6.2-41.37.1 qemu-block-rbd-2.6.2-41.37.1 qemu-block-rbd-debuginfo-2.6.2-41.37.1 qemu-block-ssh-2.6.2-41.37.1 qemu-block-ssh-debuginfo-2.6.2-41.37.1 qemu-debugsource-2.6.2-41.37.1 qemu-guest-agent-2.6.2-41.37.1 qemu-guest-agent-debuginfo-2.6.2-41.37.1 qemu-lang-2.6.2-41.37.1 qemu-tools-2.6.2-41.37.1 qemu-tools-debuginfo-2.6.2-41.37.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): qemu-ipxe-1.0.0-41.37.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64): qemu-2.6.2-41.37.1 qemu-block-curl-2.6.2-41.37.1 qemu-block-curl-debuginfo-2.6.2-41.37.1 qemu-block-ssh-2.6.2-41.37.1 qemu-block-ssh-debuginfo-2.6.2-41.37.1 qemu-debugsource-2.6.2-41.37.1 qemu-guest-agent-2.6.2-41.37.1 qemu-guest-agent-debuginfo-2.6.2-41.37.1 qemu-lang-2.6.2-41.37.1 qemu-tools-2.6.2-41.37.1 qemu-tools-debuginfo-2.6.2-41.37.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 x86_64): qemu-block-rbd-2.6.2-41.37.1 qemu-block-rbd-debuginfo-2.6.2-41.37.1 - SUSE Linux Enterprise Server 12-SP2 (s390x x86_64): qemu-kvm-2.6.2-41.37.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64): qemu-arm-2.6.2-41.37.1 qemu-arm-debuginfo-2.6.2-41.37.1 - SUSE Linux Enterprise Server 12-SP2 (ppc64le): qemu-ppc-2.6.2-41.37.1 qemu-ppc-debuginfo-2.6.2-41.37.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): qemu-ipxe-1.0.0-41.37.1 qemu-seabios-1.9.1-41.37.1 qemu-sgabios-8-41.37.1 qemu-vgabios-1.9.1-41.37.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): qemu-x86-2.6.2-41.37.1 qemu-x86-debuginfo-2.6.2-41.37.1 - SUSE Linux Enterprise Server 12-SP2 (s390x): qemu-s390-2.6.2-41.37.1 qemu-s390-debuginfo-2.6.2-41.37.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): qemu-2.6.2-41.37.1 qemu-block-curl-2.6.2-41.37.1 qemu-block-curl-debuginfo-2.6.2-41.37.1 qemu-debugsource-2.6.2-41.37.1 qemu-kvm-2.6.2-41.37.1 qemu-tools-2.6.2-41.37.1 qemu-tools-debuginfo-2.6.2-41.37.1 qemu-x86-2.6.2-41.37.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): qemu-ipxe-1.0.0-41.37.1 qemu-seabios-1.9.1-41.37.1 qemu-sgabios-8-41.37.1 qemu-vgabios-1.9.1-41.37.1 References: https://www.suse.com/security/cve/CVE-2017-15119.html https://www.suse.com/security/cve/CVE-2017-15124.html https://www.suse.com/security/cve/CVE-2017-16845.html https://www.suse.com/security/cve/CVE-2017-17381.html https://www.suse.com/security/cve/CVE-2017-18030.html https://www.suse.com/security/cve/CVE-2017-18043.html https://www.suse.com/security/cve/CVE-2017-5715.html https://www.suse.com/security/cve/CVE-2018-5683.html https://www.suse.com/security/cve/CVE-2018-7550.html https://bugzilla.suse.com/1040202 https://bugzilla.suse.com/1068032 https://bugzilla.suse.com/1068613 https://bugzilla.suse.com/1070144 https://bugzilla.suse.com/1071228 https://bugzilla.suse.com/1073489 https://bugzilla.suse.com/1076114 https://bugzilla.suse.com/1076179 https://bugzilla.suse.com/1076775 https://bugzilla.suse.com/1076814 https://bugzilla.suse.com/1082276 https://bugzilla.suse.com/1083291 https://bugzilla.suse.com/1085598 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2018:0830-1: important: Security update for LibVNCServer
by opensuse-security＠opensuse.org 27 Mar '18

27 Mar '18

SUSE Security Update: Security update for LibVNCServer ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:0830-1 Rating: important References: #1017711 #1017712 #1081493 Cross-References: CVE-2016-9941 CVE-2016-9942 CVE-2018-7225 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: LibVNCServer was updated to fix two security issues. These security issues were fixed: - CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage() (bsc#1081493). - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions (bsc#1017712). - CVE-2016-9941: Heap-based buffer overflow in rfbproto.c allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area (bsc#1017711). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-554=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2018-554=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2018-554=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-554=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-554=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): LibVNCServer-debugsource-0.9.9-17.5.1 LibVNCServer-devel-0.9.9-17.5.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): LibVNCServer-debugsource-0.9.9-17.5.1 LibVNCServer-devel-0.9.9-17.5.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): LibVNCServer-debugsource-0.9.9-17.5.1 libvncclient0-0.9.9-17.5.1 libvncclient0-debuginfo-0.9.9-17.5.1 libvncserver0-0.9.9-17.5.1 libvncserver0-debuginfo-0.9.9-17.5.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): LibVNCServer-debugsource-0.9.9-17.5.1 libvncclient0-0.9.9-17.5.1 libvncclient0-debuginfo-0.9.9-17.5.1 libvncserver0-0.9.9-17.5.1 libvncserver0-debuginfo-0.9.9-17.5.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64): LibVNCServer-debugsource-0.9.9-17.5.1 libvncclient0-0.9.9-17.5.1 libvncclient0-debuginfo-0.9.9-17.5.1 libvncserver0-0.9.9-17.5.1 libvncserver0-debuginfo-0.9.9-17.5.1 References: https://www.suse.com/security/cve/CVE-2016-9941.html https://www.suse.com/security/cve/CVE-2016-9942.html https://www.suse.com/security/cve/CVE-2018-7225.html https://bugzilla.suse.com/1017711 https://bugzilla.suse.com/1017712 https://bugzilla.suse.com/1081493 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

openSUSE Security Announce March 2018