openSUSE Security Announce
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
February 2018
- 1 participants
- 50 discussions
[security-announce] openSUSE-SU-2018:0494-1: important: Security update for glibc
by opensuse-security@opensuse.org 20 Feb '18
by opensuse-security@opensuse.org 20 Feb '18
20 Feb '18
openSUSE Security Update: Security update for glibc
______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:0494-1
Rating: important
References: #1037930 #1051791 #1073990 #1074293 #1079036
Cross-References: CVE-2017-12132 CVE-2017-8804 CVE-2018-1000001
CVE-2018-6485 CVE-2018-6551
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for glibc fixes the following issues:
Security issues fixed:
- CVE-2017-8804: Fix memory leak after deserialization failure in
xdr_bytes, xdr_string (bsc#1037930)
- CVE-2017-12132: Reduce EDNS payload size to 1200 bytes (bsc#1051791)
- CVE-2018-6485,CVE-2018-6551: Fix integer overflows in internal memalign
and malloc functions (bsc#1079036)
- CVE-2018-1000001: Avoid underflow of malloced area (bsc#1074293)
Non security bugs fixed:
- Release read lock after resetting timeout (bsc#1073990)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-184=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (i586 i686 x86_64):
glibc-2.22-13.2
glibc-debuginfo-2.22-13.2
glibc-debugsource-2.22-13.2
glibc-devel-2.22-13.2
glibc-devel-debuginfo-2.22-13.2
glibc-devel-static-2.22-13.2
glibc-locale-2.22-13.2
glibc-locale-debuginfo-2.22-13.2
glibc-profile-2.22-13.2
- openSUSE Leap 42.3 (i586 x86_64):
glibc-extra-2.22-13.2
glibc-extra-debuginfo-2.22-13.2
glibc-utils-2.22-13.2
glibc-utils-debuginfo-2.22-13.2
glibc-utils-debugsource-2.22-13.2
nscd-2.22-13.2
nscd-debuginfo-2.22-13.2
- openSUSE Leap 42.3 (noarch):
glibc-html-2.22-13.2
glibc-i18ndata-2.22-13.2
glibc-info-2.22-13.2
- openSUSE Leap 42.3 (x86_64):
glibc-32bit-2.22-13.2
glibc-debuginfo-32bit-2.22-13.2
glibc-devel-32bit-2.22-13.2
glibc-devel-debuginfo-32bit-2.22-13.2
glibc-devel-static-32bit-2.22-13.2
glibc-locale-32bit-2.22-13.2
glibc-locale-debuginfo-32bit-2.22-13.2
glibc-profile-32bit-2.22-13.2
glibc-utils-32bit-2.22-13.2
glibc-utils-debuginfo-32bit-2.22-13.2
- openSUSE Leap 42.3 (i586):
glibc-obsolete-2.22-13.2
glibc-obsolete-debuginfo-2.22-13.2
References:
https://www.suse.com/security/cve/CVE-2017-12132.html
https://www.suse.com/security/cve/CVE-2017-8804.html
https://www.suse.com/security/cve/CVE-2018-1000001.html
https://www.suse.com/security/cve/CVE-2018-6485.html
https://www.suse.com/security/cve/CVE-2018-6551.html
https://bugzilla.suse.com/1037930
https://bugzilla.suse.com/1051791
https://bugzilla.suse.com/1073990
https://bugzilla.suse.com/1074293
https://bugzilla.suse.com/1079036
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2018:0482-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 19 Feb '18
by opensuse-security@opensuse.org 19 Feb '18
19 Feb '18
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:0482-1
Rating: important
References: #1012382 #1019784 #1031717 #1036737 #1038078
#1038085 #1043652 #1048585 #1052360 #1060279
#1066223 #1066842 #1068032 #1068038 #1068569
#1068984 #1069160 #1070799 #1072163 #1072484
#1072589 #1073229 #1073230 #1073928 #1074134
#1074488 #1074621 #1074709 #1074839 #1074847
#1075066 #1075078 #1075087 #1075091 #1075428
#1075617 #1075621 #1075627 #1075994 #1076017
#1076110 #1076806 #1076809 #1076872 #1076899
#1077068 #1077560 #1077592 #1077871 #1078526
#1078681 #963844 #988524
Cross-References: CVE-2017-15129 CVE-2017-17712 CVE-2017-17862
CVE-2017-17864 CVE-2017-18017 CVE-2017-5715
CVE-2018-1000004 CVE-2018-5332 CVE-2018-5333
Affected Products:
SUSE Linux Enterprise Real Time Extension 12-SP2
______________________________________________________________________________
An update that solves 9 vulnerabilities and has 44 fixes is
now available.
Description:
The SUSE Linux Enterprise 12 SP2 Realtime kernel was updated to 4.4.114 to
receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5715: Systems with microprocessors utilizing speculative
execution and indirect branch prediction may allow unauthorized
disclosure of information to an attacker with local user access via a
side-channel analysis (bnc#1068032).
The previous fix using CPU Microcode has been complemented by building
the Linux Kernel with return trampolines aka "retpolines".
- CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in
net/rds/rdma.c mishandled cases where page pinning fails or an invalid
address is supplied, leading to an rds_atomic_free_op NULL pointer
dereference (bnc#1075617).
- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function
did not validate a value that is used during DMA page allocation,
leading to a heap-based out-of-bounds write (related to the
rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).
- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignores
unreachable code, even though it would still be processed by JIT
compilers. This behavior, also considered an improper branch-pruning
logic issue, could possibly be used by local users for denial of service
(bnc#1073928).
- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled
states_equal comparisons between the pointer data type and the
UNKNOWN_VALUE data type, which allowed local users to obtain potentially
sensitive address information, aka a "pointer leak (bnc#1073928).
- CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the
Linux kernel has a race condition in inet->hdrincl that leads to
uninitialized stack pointer usage; this allowed a local user to execute
code and gain privileges (bnc#1073229 1073230).
- CVE-2017-15129: A use-after-free vulnerability was found in network
namespaces code affecting the Linux kernel The function
get_net_ns_by_id() in net/core/net_namespace.c did not check for the
net::count value after it has found a peer network in netns_ids idr,
which could lead to double free and memory corruption. This
vulnerability could allow an unprivileged local user to induce kernel
memory corruption on the system, leading to a crash. Due to the nature
of the flaw, privilege escalation cannot be fully ruled out, although it
is thought to be unlikely (bnc#1074839).
- CVE-2017-18017: The tcpmss_mangle_packet function in
net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers
to cause a denial of service (use-after-free and memory corruption) or
possibly have unspecified other impact by leveraging the presence of
xt_TCPMSS in an iptables action (bnc#1074488).
- CVE-2018-1000004: In the Linux kernel a race condition vulnerability
exists in the sound system, this can lead to a deadlock and denial of
service condition (bnc#1076017).
The following non-security bugs were fixed:
- 509: fix printing uninitialized stack memory when OID is empty
(bsc#1075078).
- 8021q: fix a memory leak for VLAN 0 device (bnc#1012382).
- acpi / scan: Prefer devices without _HID/_CID for _ADR matching
(bnc#1012382).
- af_key: fix buffer overread in parse_exthdrs() (bnc#1012382).
- af_key: fix buffer overread in verify_address_len() (bnc#1012382).
- afs: Adjust mode bits processing (bnc#1012382).
- afs: Connect up the CB.ProbeUuid (bnc#1012382).
- afs: Fix afs_kill_pages() (bnc#1012382).
- afs: Fix missing put_page() (bnc#1012382).
- afs: Fix page leak in afs_write_begin() (bnc#1012382).
- afs: Fix the maths in afs_fs_store_data() (bnc#1012382).
- afs: Flush outstanding writes when an fd is closed (bnc#1012382).
- afs: Migrate vlocation fields to 64-bit (bnc#1012382).
- afs: Populate and use client modification time (bnc#1012382).
- afs: Populate group ID from vnode status (bnc#1012382).
- afs: Prevent callback expiry timer overflow (bnc#1012382).
- alpha: fix build failures (bnc#1012382).
- alsa: aloop: Fix inconsistent format due to incomplete rule
(bsc#1031717).
- alsa: aloop: Fix racy hw constraints adjustment (bsc#1031717).
- alsa: aloop: Release cable upon open error path (bsc#1031717).
- alsa: hda - Apply headphone noise quirk for another Dell XPS 13 variant
(bsc#1031717).
- alsa: hda - Apply the existing quirk to iMac 14,1 (bsc#1031717).
- alsa: pcm: Abort properly at pending signal in OSS read/write loops
(bsc#1031717).
- alsa: pcm: Add missing error checks in OSS emulation plugin builder
(bsc#1031717).
- alsa: pcm: Allow aborting mutex lock at OSS read/write loops
(bsc#1031717).
- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1031717).
- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1031717).
- arc: uaccess: dont use "l" gcc inline asm constraint modifier
(bnc#1012382).
- arm64: Add hypervisor safe helper for checking constant capabilities
(bsc#1068032).
- arm64: Add macros to read/write system registers (bsc#1068032).
- arm64: add macro to extract ESR_ELx.EC (bsc#1068032).
- arm64: Add skeleton to harden the branch predictor against aliasing
attacks (bsc#1068032).
- arm64: Add trace_hardirqs_off annotation in ret_to_user (bsc#1068032).
- arm64: alternative: add auto-nop infrastructure (bsc#1068032).
- arm64: barriers: introduce nops and __nops macros for NOP sequences
(bsc#1068032).
- arm64: cpu_errata: Allow an erratum to be match for all revisions of a
core (bsc#1068032).
- arm64: cpufeature: Add scope for capability check (bsc#1068032).
- arm64/cpufeature: do not use mutex in bringup path (bsc#1068032).
- arm64: cpufeature: Pass capability structure to ->enable callback
(bsc#1068032).
- arm64: debug: remove unused local_dbg_{enable, disable} macros
(bsc#1068032).
- arm64: Disable kpti for non broadcast TLB HW (bsc#1068032).
- arm64: Disable TTBR0_EL1 during normal kernel execution (bsc#1068032).
- arm64: do not pull uaccess.h into *.S (bsc#1068032).
- arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: entry: Add exception trampoline page for exceptions from EL0
(bsc#1068032).
- arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
(bsc#1068032).
- arm64: entry: Explicitly pass exception level to kernel_ventry macro
(bsc#1068032).
- arm64: entry: Hook up entry trampoline to exception vectors
(bsc#1068032).
- arm64: entry: remove pointless SPSR mode check (bsc#1068032).
- arm64: entry.S convert el0_sync (bsc#1068032).
- arm64: entry.S: convert el1_sync (bsc#1068032).
- arm64: entry.S: convert elX_irq (bsc#1068032).
- arm64: entry.S: move SError handling into a C function for future
expansion (bsc#1068032).
- arm64: entry.S: Remove disable_dbg (bsc#1068032).
- arm64: explicitly mask all exceptions (bsc#1068032).
- arm64: factor out entry stack manipulation (bsc#1068032).
- arm64: factor out PAGE_* and CONT_* definitions (bsc#1068032).
- arm64: Factor out PAN enabling/disabling into separate uaccess_* macros
(bsc#1068032).
- arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm
macro (bsc#1068032).
- arm64: factor work_pending state machine to C (bsc#1068032).
- arm64: Fix circular include of asm/lse.h through linux/jump_label.h
(bsc#1068032).
- arm64: Fix compilation (bsc#1068032).
- arm64: fpsimd: Prevent registers leaking from dead tasks (bnc#1012382).
- arm64: Handle el1 synchronous instruction aborts cleanly (bsc#1068032).
- arm64: head.S: get rid of x25 and x26 with 'global' scope (bsc#1068032).
- arm64: Implement branch predictor hardening for affected Cortex-A CPUs
(bsc#1068032).
- arm64: Initialise high_memory global variable earlier (bnc#1012382).
- arm64: introduce an order for exceptions (bsc#1068032).
- arm64: introduce mov_q macro to move a constant into a 64-bit register
(bsc#1068032).
- arm64: Introduce uaccess_{disable,enable} functionality based on
TTBR0_EL1 (bsc#1068032).
- arm64: kaslr: Put kernel vectors address in separate data page
(bsc#1068032).
- arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 (bsc#1068032).
- arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry (bsc#1068032).
- arm64: kill ESR_LNX_EXEC (bsc#1068032).
- arm64: kpti: Fix the interaction between ASID switching and software PAN
(bsc#1068032).
- arm64: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls
(bnc#1012382).
- arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).
- arm64: kvm: Survive unknown traps from guests (bnc#1012382).
- arm64: kvm: Use per-CPU vector when BP hardening is enabled
(bsc#1068032).
- arm64: Mask all exceptions during kernel_exit (bsc#1068032).
- arm64: mm: Add arm64_kernel_unmapped_at_el0 helper (bsc#1068032).
- arm64: mm: Allocate ASIDs in pairs (bsc#1068032).
- arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: mm: hardcode rodata=true (bsc#1068032).
- arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
(bsc#1068032).
- arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
(bsc#1068032).
- arm64: mm: Map entry trampoline into trampoline and kernel page tables
(bsc#1068032).
- arm64: mm: Move ASID from TTBR0 to TTBR1 (bsc#1068032).
- arm64: mm: Rename post_ttbr0_update_workaround (bsc#1068032).
- arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: mm: Use non-global mappings for kernel space (bsc#1068032).
- arm64: Move BP hardening to check_and_switch_context (bsc#1068032).
- arm64: Move post_ttbr_update_workaround to C code (bsc#1068032).
- arm64: Move the async/fiq helpers to explicitly set process context
flags (bsc#1068032).
- arm64: Store struct thread_info in sp_el0 (bsc#1068032).
- arm64: SW PAN: Point saved ttbr0 at the zero page when switching to
init_mm (bsc#1068032).
- arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb (bsc#1068032).
- arm64: swp emulation: bound LL/SC retries before rescheduling
(bsc#1068032).
- arm64: sysreg: allow write_sysreg to use XZR (bsc#1068032).
- arm64: sysreg: Fix unprotected macro argmuent in write_sysreg
(bsc#1068032).
- arm64: Take into account ID_AA64PFR0_EL1.CSV3 (bsc#1068032).
- arm64: tlbflush.h: add __tlbi() macro (bsc#1068032).
- arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
(bsc#1068032).
- arm64: use alternative auto-nop (bsc#1068032).
- arm64: use RET instruction for exiting the trampoline (bsc#1068032).
- arm64: Use static keys for CPU features (bsc#1068032).
- arm64: xen: Enable user access before a privcmd hvc call (bsc#1068032).
- arm: avoid faulting on qemu (bnc#1012382).
- arm: BUG if jumping to usermode address in kernel mode (bnc#1012382).
- arm-ccn: perf: Prevent module unload while PMU is in use (bnc#1012382).
- arm: dma-mapping: disallow dma_get_sgtable() for non-kernel managed
memory (bnc#1012382).
- arm: dts: am335x-evmsk: adjust mmc2 param to allow suspend (bnc#1012382).
- arm: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7
(bnc#1012382).
- arm: dts: ti: fix pci bus dtc warnings (bnc#1012382).
- arm: kprobes: Align stack to 8-bytes in test code (bnc#1012382).
- arm: kprobes: Fix the return address of multiple kretprobes
(bnc#1012382).
- arm: kvm: Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).
- arm: kvm: Survive unknown traps from guests (bnc#1012382).
- arm: OMAP1: DMA: Correct the number of logical channels (bnc#1012382).
- arm: OMAP2+: Fix device node reference counts (bnc#1012382).
- arm: OMAP2+: gpmc-onenand: propagate error on initialization failure
(bnc#1012382).
- arm: OMAP2+: Release device node after it is no longer needed
(bnc#1012382).
- asm-prototypes: Clear any CPP defines before declaring the functions
(git-fixes).
- asn.1: check for error from ASN1_OP_END__ACT actions (bnc#1012382).
- asn.1: fix out-of-bounds read when parsing indefinite length item
(bnc#1012382).
- ath9k: fix tx99 potential info leak (bnc#1012382).
- atm: horizon: Fix irq release error (bnc#1012382).
- audit: ensure that 'audit=1' actually enables audit for PID 1
(bnc#1012382).
- axonram: Fix gendisk handling (bnc#1012382).
- backlight: pwm_bl: Fix overflow condition (bnc#1012382).
- bcache: add a comment in journal bucket reading (bsc#1076110).
- bcache: Avoid nested function definition (bsc#1076110).
- bcache: check return value of register_shrinker (bsc#1076110).
- bcache: debug: avoid accessing .bi_io_vec directly (bsc#1076110).
- bcache: documentation formatting, edited for clarity, stripe alignment
notes (bsc#1076110).
- bcache: documentation updates and corrections (bsc#1076110).
- bcache: Do not reinvent the wheel but use existing llist API
(bsc#1076110).
- bcache: do not write back data if reading it failed (bsc#1076110).
- bcache: explicitly destroy mutex while exiting (bnc#1012382).
- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).
- bcache: fix sequential large write IO bypass (bsc#1076110).
- bcache: fix wrong cache_misses statistics (bnc#1012382).
- bcache: gc does not work when triggering by manual command (bsc#1076110,
bsc#1038078).
- bcache: implement PI controller for writeback rate (bsc#1076110).
- bcache: increase the number of open buckets (bsc#1076110).
- bcache: only permit to recovery read error when cache device is clean
(bnc#1012382 bsc#1043652).
- bcache: partition support: add 16 minors per bcacheN device
(bsc#1076110).
- bcache: pr_err: more meaningful error message when nr_stripes is invalid
(bsc#1076110).
- bcache: rearrange writeback main thread ratelimit (bsc#1076110).
- bcache: recover data from backing when data is clean (bnc#1012382
bsc#1043652).
- bcache: register_bcache(): call blkdev_put() when cache_alloc() fails
(bsc#1076110).
- bcache: Remove deprecated create_workqueue (bsc#1076110).
- bcache: Remove redundant block_size assignment (bsc#1076110).
- bcache: Remove redundant parameter for cache_alloc() (bsc#1076110).
- bcache: Remove redundant set_capacity (bsc#1076110).
- bcache: remove unused parameter (bsc#1076110).
- bcache: rewrite multiple partitions support (bsc#1076110, bsc#1038085,
bsc#1019784).
- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).
- bcache: silence static checker warning (bsc#1076110).
- bcache: smooth writeback rate control (bsc#1076110).
- bcache: switch to using blk_queue_write_cache() (bsc#1076110).
- bcache.txt: standardize document format (bsc#1076110).
- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints
(bsc#1076110).
- bcache: update bucket_in_use in real time (bsc#1076110).
- bcache: Update continue_at() documentation (bsc#1076110).
- bcache: update document info (bsc#1076110).
- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).
- bcache: use llist_for_each_entry_safe() in __closure_wake_up()
(bsc#1076110).
- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).
- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).
- be2net: restore properly promisc mode after queues reconfiguration
(bsc#963844 FATE#320192).
- block: export bio_free_pages to other modules (bsc#1076110).
- block: wake up all tasks blocked in get_request() (bnc#1012382).
- bluetooth: btusb: driver to enable the usb-wakeup feature (bnc#1012382).
- bnx2x: do not rollback VF MAC/VLAN filters we did not configure
(bnc#1012382).
- bnx2x: fix possible overrun of VFPF multicast addresses array
(bnc#1012382).
- bnx2x: prevent crash when accessing PTP with interface down
(bnc#1012382).
- btrfs: account for pinned bytes in should_alloc_chunk (bsc#1066842).
- btrfs: add missing memset while reading compressed inline extents
(bnc#1012382).
- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
(bnc#1012382).
- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).
- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: gs_usb: fix return value of the "set_bittiming" callback
(bnc#1012382).
- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback()
(bnc#1012382).
- can: kvaser_usb: free buf in error paths (bnc#1012382).
- can: kvaser_usb: ratelimit errors if incomplete messages are received
(bnc#1012382).
- can: peak: fix potential bug in packet fragmentation (bnc#1012382).
- can: ti_hecc: Fix napi poll return value for repoll (bnc#1012382).
- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- cdc-acm: apply quirk for card reader (bsc#1060279).
- cdrom: factor out common open_for_* code (bsc#1048585).
- cdrom: wait for tray to close (bsc#1048585).
- ceph: drop negative child dentries before try pruning inode's alias
(bnc#1012382).
- ceph: more accurate statfs (bsc#1077068).
- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o
VPU (bnc#1012382).
- clk: mediatek: add the option for determining PLL source clock
(bnc#1012382).
- clk: tegra: Fix cclk_lp divisor register (bnc#1012382).
- cpuidle: fix broadcast control when broadcast can not be entered
(bnc#1012382).
- cpuidle: powernv: Pass correct drv->cpumask for registration
(bnc#1012382).
- cpuidle: Validate cpu_dev in cpuidle_add_sysfs() (bnc#1012382).
- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
(bnc#1012382).
- crypto: chacha20poly1305 - validate the digest size (bnc#1012382).
- crypto: crypto4xx - increase context and scatter ring buffer elements
(bnc#1012382).
- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex
(bnc#1012382).
- crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012382).
- crypto: n2 - cure use after free (bnc#1012382).
- crypto: pcrypt - fix freeing pcrypt instances (bnc#1012382).
- crypto: s5p-sss - Fix completing crypto request in IRQ handler
(bnc#1012382).
- crypto: tcrypt - fix buffer lengths in test_aead_speed() (bnc#1012382).
- cxl: Check if vphb exists before iterating over AFU devices
(bsc#1066223).
- dax: Pass detailed error code from __dax_fault() (bsc#1072484).
- dccp: do not restart ccid2_hc_tx_rto_expire() if sk in closed state
(bnc#1012382).
- delay: add poll_event_interruptible (bsc#1048585).
- dmaengine: dmatest: move callback wait queue to thread context
(bnc#1012382).
- dmaengine: Fix array index out of bounds warning in __get_unmap_pool()
(bnc#1012382).
- dmaengine: pl330: fix double lock (bnc#1012382).
- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type
(bnc#1012382).
- dm btree: fix serious bug in btree_split_beneath() (bnc#1012382).
- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
(bnc#1012382).
- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bnc#1012382).
- drivers: base: cacheinfo: fix boot error message when acpi is enabled
(bnc#1012382).
- drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled (bnc#1012382).
- drivers/firmware: Expose psci_get_version through psci_ops structure
(bsc#1068032).
- drivers/md/bcache/util.h: remove duplicate inclusion of blkdev.h
(bsc#1076110).
- drivers: net: xgene: Fix hardware checksum setting (bsc#1078526).
- drm/amd/amdgpu: fix console deadlock if late init failed (bnc#1012382).
- drm: extra printk() wrapper macros (bnc#1012382).
- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement
(bnc#1012382).
- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU
(bnc#1012382).
- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers (bnc#1012382).
- drm/radeon: reinstate oland workaround for sclk (bnc#1012382).
- drm/radeon/si: add dpm quirk for Oland (bnc#1012382).
- drm/vmwgfx: Potential off by one in vmw_view_add() (bnc#1012382).
- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE
instead of 0 (bnc#1012382).
- edac, i5000, i5400: Fix definition of NRECMEMB register (bnc#1012382).
- edac, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro (bnc#1012382).
- edac, sb_edac: Fix missing break in switch (bnc#1012382).
- efi/esrt: Cleanup bad memory map log messages (bnc#1012382).
- efi: Move some sysfs files to be read-only by root (bnc#1012382).
- eventpoll.h: add missing epoll event masks (bnc#1012382).
- ext4: fix crash when a directory's i_size is too small (bnc#1012382).
- ext4: Fix ENOSPC handling in DAX page fault handle (bsc#1072484).
- ext4: fix fdatasync(2) after fallocate(2) operation (bnc#1012382).
- fbdev: controlfb: Add missing modes to fix out of bounds access
(bnc#1012382).
- Fix build error in vma.c (bnc#1012382).
- fjes: Fix wrong netdevice feature flags (bnc#1012382).
- flow_dissector: properly cap thoff field (bnc#1012382).
- fm10k: ensure we process SM mbx when processing VF mbx (bnc#1012382).
- fork: clear thread stack upon allocation (bsc#1077560). Conflicts:
series.conf
- fscache: Fix the default for fscache_maybe_release_page() (bnc#1012382).
- futex: Prevent overflow by strengthen input validation (bnc#1012382).
- gcov: disable for COMPILE_TEST (bnc#1012382).
- gfs2: Take inode off order_write list when setting jdata flag
(bnc#1012382).
- gpio: altera: Use handle_level_irq when configured as a level_high
(bnc#1012382).
- hid: chicony: Add support for another ASUS Zen AiO keyboard
(bnc#1012382).
- hid: xinmo: fix for out of range for THT 2P arcade controller
(bnc#1012382).
- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1012382).
- hv: kvp: Avoid reading past allocated blocks from KVP file (bnc#1012382).
- hwmon: (asus_atk0110) fix uninitialized data access (bnc#1012382).
- i40e: Do not enable NAPI on q_vectors that have no rings (bnc#1012382).
- ib/hfi1: Correct defered count after processing qp_wait_list (git-fixes).
- ib/hfi1: Fix rnr_timer addition (git-fixes).
- ib/hfi1: Handle kzalloc failure in init_pervl_scs (git-fixes).
- ib/hfi1: Move iowait_init() to priv allocate (git-fixes).
- ib/hfi1: Prevent kernel QP post send hard lockups (git-fixes).
- ib/hfi1: Reset QSFP on every run through channel tuning (git-fixes).
- ib/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush
(git-fixes).
- ib/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop
(bnc#1012382).
- ib/mlx4: Increase maximal message size under UD QP (bnc#1012382).
- ib/mlx5: Assign send CQ and recv CQ of UMR QP (bnc#1012382).
- ibmvnic: Allocate and request vpd in init_resources (bsc#1076872).
- ibmvnic: Do not handle RX interrupts when not up (bsc#1075066).
- ibmvnic: Fix IP offload control buffer (bsc#1076899).
- ibmvnic: Fix IPv6 packet descriptors (bsc#1076899).
- ibmvnic: Fix pending MAC address changes (bsc#1075627).
- ibmvnic: Modify buffer size and number of queues on failover
(bsc#1076872).
- ibmvnic: Revert to previous mtu when unsupported value requested
(bsc#1076872).
- ibmvnic: Wait for device response when changing MAC (bsc#1078681).
- ib/qib: Remove qpt_mask global (git-fixes).
- ib/rdmavt: restore IRQs on error path in rvt_create_ah() (git-fixes).
- ib/srpt: Disable RDMA access by the initiator (bnc#1012382).
- igb: check memory allocation failure (bnc#1012382).
- ima: fix hash algorithm initialization (bnc#1012382).
- inet: frag: release spinlock before calling icmp_send() (bnc#1012382).
- input: 88pm860x-ts - fix child-node lookup (bnc#1012382).
- input: elantech - add new icbody type 15 (bnc#1012382).
- input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list
(bnc#1012382).
- input: trackpoint - force 3 buttons if 0 button is reported
(bnc#1012382).
- input: twl4030-vibra - fix sibling-node lookup (bnc#1012382).
- input: twl6040-vibra - fix child-node lookup (bnc#1012382).
- input: twl6040-vibra - fix DT node memory management (bnc#1012382).
- intel_th: pci: Add Gemini Lake support (bnc#1012382).
- iommu/arm-smmu-v3: Do not free page table ops twice (bnc#1012382).
- iommu/vt-d: Fix scatterlist offset handling (bnc#1012382).
- ip6_tunnel: disable dst caching if tunnel is dual-stack (bnc#1012382).
- ipmi: Stop timers before cleaning up the module (bnc#1012382).
- ipv4: Fix use-after-free when flushing FIB tables (bnc#1012382).
- ipv4: igmp: guard against silly MTU values (bnc#1012382).
- ipv4: Make neigh lookup keys for loopback/point-to-point devices be
INADDR_ANY (bnc#1012382).
- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL
(bnc#1012382).
- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012382).
- ipv6: fix udpv6 sendmsg crash caused by too small MTU (bnc#1012382).
- ipv6: ip6_make_skb() needs to clear cork.base.dst (git-fixes).
- ipv6: mcast: better catch silly mtu values (bnc#1012382).
- ipv6: reorder icmpv6_init() and ip6_mr_init() (bnc#1012382).
- ipvlan: fix ipv6 outbound device (bnc#1012382).
- ipvlan: remove excessive packet scrubbing (bsc#1070799).
- irda: vlsi_ir: fix check for DMA mapping errors (bnc#1012382).
- irqchip/crossbar: Fix incorrect type of register size (bnc#1012382).
- iscsi-target: fix memory leak in lio_target_tiqn_addtpg() (bnc#1012382).
- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref
(bnc#1012382).
- isdn: kcapi: avoid uninitialized data (bnc#1012382).
- iw_cxgb4: Only validate the MSN for successful completions (bnc#1012382).
- ixgbe: fix use of uninitialized padding (bnc#1012382).
- jump_label: Invoke jump_label_test() via early_initcall() (bnc#1012382).
- jump_label: Make it possible for arches to invoke jump_label_init()
earlier (bsc#1068032).
- jump_labels: Allow array initialisers (bsc#1068032).
- Kabi: Keep KVM stable after enable s390 wire up bpb feature
(bsc#1076806).
- kABI: protect struct bpf_map (kabi).
- kABI: protect struct ipv6_pinfo (kabi).
- kABI: protect struct t10_alua_tg_pt_gp (kabi).
- kABI: protect struct usbip_device (kabi).
- kabi/severities: do not care about stuff_RSB
- kaiser: Set _PAGE_NX only if supported (bnc#1012382).
- kaiser: Set _PAGE_NX only if supported (bnc#1012382).
- kbuild: add '-fno-stack-check' to kernel build options (bnc#1012382).
- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621
bsc#1068032).
- kbuild: pkg: use --transform option to prefix paths in tar (bnc#1012382).
- kdb: Fix handling of kallsyms_symbol_next() return value (bnc#1012382).
- kernel/acct.c: fix the acct->needcheck check in check_free_space()
(bnc#1012382).
- kernel: make groups_sort calling a responsibility group_info allocators
(bnc#1012382).
- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from
!sig_kernel_only() signals (bnc#1012382).
- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL
(bnc#1012382).
- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in
complete_signal() (bnc#1012382).
- keys: add missing permission check for request_key() destination
(bnc#1012382).
- kprobes/x86: Disable preemption in ftrace-based jprobes (bnc#1012382).
- kpti: Rename to PAGE_TABLE_ISOLATION (bnc#1012382).
- kpti: Report when enabled (bnc#1012382).
- kvm: arm/arm64: Fix occasional warning from the timer work function
(bnc#1012382 bsc#988524).
- kvm: Fix stack-out-of-bounds read in write_mmio (bnc#1012382).
- kvm: nVMX: reset nested_run_pending if the vCPU is going to be reset
(bnc#1012382).
- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down (bnc#1012382).
- kvm: pci-assign: do not map smm memory slot pages in vt-d page tables
(bnc#1012382).
- kvm: s390: Enable all facility bits that are known good for passthrough
(bsc#1076806).
- kvm: s390: wire up bpb feature (bsc#1076806).
- kvm: VMX: Fix enable VPID conditions (bnc#1012382).
- kvm: VMX: remove I/O port 0x80 bypass on Intel hosts (bnc#1012382).
- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012382).
- kvm: x86: Add memory barrier on vmcs field lookup (bnc#1012382).
- kvm: x86: correct async page present tracepoint (bnc#1012382).
- kvm: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012382).
- kvm: x86: fix RSM when pciD is non-zero (bnc#1012382).
- l2tp: cleanup l2tp_tunnel_delete calls (bnc#1012382).
- lan78xx: Fix failure in USB Full Speed (bnc#1012382).
- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
(bnc#1012382).
- libata: drop WARN from protocol error in ata_sff_qc_issue()
(bnc#1012382).
- lib/genalloc.c: make the avail variable an atomic_long_t (bnc#1012382).
- macvlan: Only deliver one copy of the frame to the macvlan interface
(bnc#1012382).
- md-cluster: free md_cluster_info if node leave cluster (bnc#1012382).
- media: dvb: i2c transfers over usb cannot be done from stack
(bnc#1012382).
- mfd: cros ec: spi: Do not send first message too soon (bnc#1012382).
- mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012382).
- mfd: twl6040: Fix child-node lookup (bnc#1012382).
- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
(bnc#1012382).
- MIPS: AR7: ensure the port type's FCR value is used (bnc#1012382).
- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
(bnc#1012382).
- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses
(bnc#1012382).
- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012382).
- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
(bnc#1012382).
- MIPS: Guard against any partial write attempt with PTRACE_SETREGSET
(bnc#1012382).
- MIPS: math-emu: Fix final emulation phase for certain instructions
(bnc#1012382).
- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the
task (bnc#1012382).
- mlxsw: reg: Fix SPVMLR max record count (bnc#1012382).
- mlxsw: reg: Fix SPVM max record count (bnc#1012382).
- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers
(bnc#1012382).
- mmc: mediatek: Fixed bug where clock frequency could be set wrong
(bnc#1012382).
- mm: drop unused pmdp_huge_get_and_clear_notify() (bnc#1012382).
- mm: Handle 0 flags in _calc_vm_trans() macro (bnc#1012382).
- mm: Introduce lm_alias (bsc#1068032).
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
(bnc#1012382).
- mm/mprotect: add a cond_resched() inside change_pmd_range()
(bnc#1077871).
- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP
(bnc#1012382).
- module: set __jump_table alignment to 8 (bnc#1012382).
- more bio_map_user_iov() leak fixes (bnc#1012382).
- net: Allow neigh contructor functions ability to modify the primary_key
(bnc#1012382).
- net/appletalk: Fix kernel memory disclosure (bnc#1012382).
- net: bcmgenet: correct MIB access of UniMAC RUNT counters (bnc#1012382).
- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values
(bnc#1012382).
- net: bcmgenet: power down internal phy if open or resume fails
(bnc#1012382).
- net: bcmgenet: Power up the internal PHY before probing the MII
(bnc#1012382).
- net: bcmgenet: reserved phy revisions must be checked first
(bnc#1012382).
- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink
leaks (bnc#1012382).
- net: core: fix module type in sock_diag_bind (bnc#1012382).
- net: Do not allow negative values for busy_read and busy_poll sysctl
interfaces (bnc#1012382).
- net: fec: fix multicast filtering hardware setup (bnc#1012382).
- netfilter: bridge: honor frag_max_size when refragmenting (bnc#1012382).
- netfilter: do not track fragmented packets (bnc#1012382).
- netfilter: ipvs: Fix inappropriate output of procfs (bnc#1012382).
- netfilter: nfnetlink_queue: fix secctx memory leak (bnc#1012382).
- netfilter: nfnetlink_queue: fix timestamp attribute (bsc#1074134).
- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash
table (bnc#1012382).
- netfilter: nfnl_cthelper: Fix memory leak (bnc#1012382).
- netfilter: nfnl_cthelper: fix runtime expectation policy updates
(bnc#1012382).
- net: Fix double free and memory corruption in get_net_ns_by_id()
(bnc#1012382).
- net: igmp: fix source address check for IGMPv3 reports (bnc#1012382).
- net: igmp: Use correct source address on IGMPv3 reports (bnc#1012382).
- net: initialize msg.msg_flags in recvfrom (bnc#1012382).
- net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012382).
- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y
(bnc#1012382).
- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012382).
- net: mvneta: clear interface link status on port disable (bnc#1012382).
- net/packet: fix a race in packet_bind() and packet_notifier()
(bnc#1012382).
- net: phy: at803x: Change error to EINVAL for invalid MAC (bnc#1012382).
- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg
workaround (bnc#1012382).
- net: qdisc_pkt_len_init() should be more robust (bnc#1012382).
- net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012382).
- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4
(bnc#1012382).
- net: reevalulate autoflowlabel setting after sysctl setting
(bnc#1012382).
- net: Resend IGMP memberships upon peer notification (bnc#1012382).
- net: sctp: fix array overrun read on sctp_timer_tbl (bnc#1012382).
- net: stmmac: enable EEE in MII, GMII or RGMII only (bnc#1012382).
- net: systemport: Pad packet before inserting TSB (bnc#1012382).
- net: systemport: Utilize skb_put_padto() (bnc#1012382).
- net: tcp: close sock if net namespace is exiting (bnc#1012382).
- net: wimax/i2400m: fix NULL-deref at probe (bnc#1012382).
- nfsd: auth: Fix gid sorting when rootsquash enabled (bnc#1012382).
- nfsd: fix nfsd_minorversion(.., NFSD_AVAIL) (bnc#1012382).
- nfsd: fix nfsd_reset_versions for NFSv4 (bnc#1012382).
- nfs: Do not take a reference on fl->fl_file for LOCK operation
(bnc#1012382).
- nfs: Fix a typo in nfs_rename() (bnc#1012382).
- nfsv4.1 respect server's max size in CREATE_SESSION (bnc#1012382).
- nfsv4: Fix client recovery when server reboots multiple times
(bnc#1012382).
- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick()
(bnc#1012382).
- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
(bnc#1012382).
- openrisc: fix issue handling 8 byte get_user calls (bnc#1012382).
- packet: fix crash in fanout_demux_rollover() (bnc#1012382).
- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel
(bnc#1012382).
- parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012382).
- partially revert tipc improve link resiliency when rps is activated
(bsc#1068038).
- pci/aer: Report non-fatal errors only to the affected endpoint
(bnc#1012382).
- pci: Avoid bus reset if bridge itself is broken (bnc#1012382).
- pci: Create SR-IOV virtfn/physfn links before attaching driver
(bnc#1012382).
- pci: Detach driver before procfs & sysfs teardown on device remove
(bnc#1012382).
- pci/pme: Handle invalid data when reading Root Status (bnc#1012382).
- pci / pm: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012382).
- perf symbols: Fix symbols__fixup_end heuristic for corner cases
(bnc#1012382).
- perf test attr: Fix ignored test case result (bnc#1012382).
- perf: xgene: Add APM X-Gene SoC Performance Monitoring Unit driver
(bsc#1036737).
- perf: xgene: Add support for SoC PMU version 3 (bsc#1076809).
- perf: xgene: Include module.h (bsc#1076809).
- perf: xgene: Move PMU leaf functions into function pointer structure
(bsc#1076809).
- perf: xgene: Parse PMU subnode from the match table (bsc#1076809).
- perf: xgene: Remove unnecessary managed resources cleanup (bsc#1076809).
- phy: work around 'phys' references to usb-nop-xceiv devices
(bnc#1012382).
- pinctrl: adi2: Fix Kconfig build problem (bnc#1012382).
- pinctrl: st: add irq_request/release_resources callbacks (bnc#1012382).
- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit (bnc#1012382).
- powerpc/64: Add macros for annotating the destination of rfid/hrfid
(bsc#1068032, bsc#1075087).
- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL
(bsc#1068032, bsc#1075087).
- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL
(bsc#1068032, bsc#1075087).
- powerpc/64s: Add EX_SIZE definition for paca exception save areas
(bsc#1068032, bsc#1075087).
- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032,
bsc#1075087).
- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032,
bsc#1075087).
- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL
(bsc#1068032, bsc#1075087).
- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075087).
- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti
(bsc#1068032, bsc#1075087).
- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).
- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032,
bsc#1075087).
- powerpc/ipic: Fix status get and status clear (bnc#1012382).
- powerpc/perf: Dereference BHRB entries safely (bsc#1066223).
- powerpc/perf/hv-24x7: Fix incorrect comparison in memord (bnc#1012382).
- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032,
bsc#1075087).
- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo
(bnc#1012382).
- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested
(bnc#1012382).
- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032,
bsc#1075087).
- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032,
bsc#1075087).
- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032,
bsc#1075087).
- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration
(bsc#1068032, bsc#1075087).
- powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration
(bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032,
bsc#1075087).
- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1068032,
bsc#1075087).
- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI)
(bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code
(bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: prevent crash when changing flush type to fallback
after system boot (bsc#1068032, bsc#1075087).
- ppp: Destroy the mutex when cleanup (bnc#1012382).
- pppoe: take ->needed_headroom of lower device into account on xmit
(bnc#1012382).
- pti: unbreak EFI (bsc#1074709).
- r8152: fix the list rx_done may be used without initialization
(bnc#1012382).
- r8152: prevent the driver from transmitting packets with carrier off
(bnc#1012382).
- r8169: fix memory corruption on retrieval of hardware statistics
(bnc#1012382).
- raid5: Set R5_Expanded on parity devices as well as data (bnc#1012382).
- ravb: Remove Rx overflow log messages (bnc#1012382).
- rbd: set max_segments to USHRT_MAX (bnc#1012382).
- rdma/cma: Avoid triggering undefined behavior (bnc#1012382).
- rdma/iser: Fix possible mr leak on device removal event (bnc#1012382).
- rds: Fix NULL pointer dereference in __rds_rdma_map (bnc#1012382).
- rds: Heap OOB write in rds_message_alloc_sgs() (bnc#1012382).
- rds: null pointer dereference in rds_atomic_free_op (bnc#1012382).
- regulator: core: Rely on regulator_dev_release to free constraints
(bsc#1074847).
- regulator: da9063: Return an error code on probe failure (bsc#1074847).
- regulator: pwm: Fix regulator ramp delay for continuous mode
(bsc#1074847).
- regulator: Try to resolve regulators supplies on registration
(bsc#1074847).
- Revert "arm64: alternatives: add enable parameter to conditional asm
macros" (bsc#1068032).
- Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature"
(bnc#1012382).
- Revert "drm/armada: Fix compile fail" (bnc#1012382).
- Revert "kaiser: vmstat show NR_KAISERTABLE as nr_overhead" (kabi).
- Revert "lib/genalloc.c: make the avail variable an atomic_long_t" (kabi).
- Revert "module: Add retpoline tag to VERMAGIC" (bnc#1012382 kabi).
- Revert "ocfs2: should wait dio before inode lock in ocfs2_setattr()"
(bnc#1012382).
- Revert "s390/kbuild: enable modversions for symbols exported from asm"
(bnc#1012382).
- Revert "sched/deadline: Use the revised wakeup rule for suspending
constrained dl tasks" (kabi).
- Revert "scsi: libsas: align sata_device's rps_resp on a cacheline"
(kabi).
- Revert "spi: SPI_FSL_DSPI should depend on HAS_DMA" (bnc#1012382).
- Revert "userfaultfd: selftest: vm: allow to build in vm/ directory"
(bnc#1012382).
- Revert "x86/efi: Build our own page table structures" (bnc#1012382).
- Revert "x86/efi: Hoist page table switching code into efi_call_virt()"
(bnc#1012382).
- Revert "x86/mm/pat: Ensure cpa->pfn only contains page frame numbers"
(bnc#1012382).
- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075087).
- ring-buffer: Mask out the info bits when returning buffer page length
(bnc#1012382).
- route: also update fnhe_genid when updating a route cache (bnc#1012382).
- route: update fnhe_expires for redirect when the fnhe exists
(bnc#1012382).
- rtc: cmos: Initialize hpet timer before irq is registered (bsc#1077592).
- rtc: pcf8563: fix output clock rate (bnc#1012382).
- rtc: pl031: make interrupt optional (bnc#1012382).
- rtc: set the alarm to the next expiring timer (bnc#1012382).
- s390: always save and restore all registers on context switch
(bnc#1012382).
- s390: fix compat system call table (bnc#1012382).
- s390/pci: do not require AIS facility (bnc#1012382).
- s390/qeth: no ETH header for outbound AF_IUCV (bnc#1012382).
- s390/runtime instrumentation: simplify task exit handling (bnc#1012382).
- sch_dsmark: fix invalid skb_cow() usage (bnc#1012382).
- sched/deadline: Make sure the replenishment timer fires in the next
period (bnc#1012382).
- sched/deadline: Throttle a constrained deadline task activated after the
deadline (bnc#1012382).
- sched/deadline: Use deadline instead of period when calculating overflow
(bnc#1012382).
- sched/deadline: Use the revised wakeup rule for suspending constrained
dl tasks (bnc#1012382).
- sched/deadline: Zero out positive runtime after throttling constrained
tasks (git-fixes).
- scsi: bfa: integer overflow in debugfs (bnc#1012382).
- scsi: check for device state in __scsi_remove_target() (bsc#1072589).
- scsi: cxgb4i: fix Tx skb leak (bnc#1012382).
- scsi: fixup kernel warning during rmmod() (bsc#1052360).
- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading
(bnc#1012382).
- scsi: hpsa: destroy sas transport properties before scsi_host
(bnc#1012382).
- scsi: libsas: align sata_device's rps_resp on a cacheline (bnc#1012382).
- scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters
(bnc#1012382).
- scsi: lpfc: Fix PT2PT PRLI reject (bnc#1012382).
- scsi: lpfc: Fix secure firmware updates (bnc#1012382).
- scsi: lpfc: PLOGI failures during NPIV testing (bnc#1012382).
- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1
volume created on two SATA drive (bnc#1012382).
- scsi: sd: change allow_restart to bool in sysfs interface (bnc#1012382).
- scsi: sd: change manage_start_stop to bool in sysfs interface
(bnc#1012382).
- scsi: sg: disable SET_FORCE_LOW_DMA (bnc#1012382).
- scsi: sr: wait for the medium to become ready (bsc#1048585).
- sctp: do not allow the v4 socket to bind a v4mapped v6 address
(bnc#1012382).
- sctp: do not free asoc when it is already dead in sctp_sendmsg
(bnc#1012382).
- sctp: Replace use of sockets_allocated with specified macro
(bnc#1012382).
- sctp: return error if the asoc has been peeled off in
sctp_wait_for_sndbuf (bnc#1012382).
- sctp: use the right sk after waking up from wait_buf sleep (bnc#1012382).
- selftest/powerpc: Fix false failures for skipped tests (bnc#1012382).
- selftests/x86: Add test_vsyscall (bnc#1012382).
- selftests/x86/ldt_get: Add a few additional tests for limits
(bnc#1012382).
- serial: 8250_pci: Add Amazon pci serial device ID (bnc#1012382).
- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bnc#1012382).
- Set supported_modules_check 1 (bsc#1072163).
- sfc: do not warn on successful change of MAC (bnc#1012382).
- sh_eth: fix SH7757 GEther initialization (bnc#1012382).
- sh_eth: fix TSU resource handling (bnc#1012382).
- sit: update frag_off info (bnc#1012382).
- sock: free skb in skb_complete_tx_timestamp on error (bnc#1012382).
- sparc64/mm: set fields in deferred pages (bnc#1012382).
- spi_ks8995: fix "BUG: key accdaa28 not in .data!" (bnc#1012382).
- spi: sh-msiof: Fix DMA transfer size check (bnc#1012382).
- spi: xilinx: Detect stall with Unknown commands (bnc#1012382).
- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
(bnc#1012382).
- sunrpc: Fix rpc_task_begin trace point (bnc#1012382).
- sunxi-rsb: Include OF based modalias in device uevent (bnc#1012382).
- sysfs/cpu: Add vulnerability folder (bnc#1012382).
- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).
- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).
- sysrq : fix Show Regs call trace on ARM (bnc#1012382).
- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK
(bnc#1012382).
- target/file: Do not return error for UNMAP if length is zero
(bnc#1012382).
- target: fix ALUA transition timeout handling (bnc#1012382).
- target:fix condition return in core_pr_dump_initiator_port()
(bnc#1012382).
- target: fix race during implicit transition work flushes (bnc#1012382).
- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd()
(bnc#1012382).
- target: Use system workqueue for ALUA transitions (bnc#1012382).
- tcp: correct memory barrier usage in tcp_check_space() (bnc#1012382).
- tcp: fix under-evaluated ssthresh in TCP Vegas (bnc#1012382).
- tcp md5sig: Use skb's saddr when replying to an incoming segment
(bnc#1012382).
- tcp: __tcp_hdrlen() helper (bnc#1012382).
- tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012382).
- thermal/drivers/step_wise: Fix temperature regulation misbehavior
(bnc#1012382).
- thermal: hisilicon: Handle return value of clk_prepare_enable
(bnc#1012382).
- tipc: fix cleanup at module unload (bnc#1012382).
- tipc: fix memory leak in tipc_accept_from_sock() (bnc#1012382).
- tipc: improve link resiliency when rps is activated (bsc#1068038).
- tracing: Allocate mask_str buffer dynamically (bnc#1012382).
- tracing: Fix converting enum's from the map in trace_event_eval_update()
(bnc#1012382).
- tracing: Fix crash when it fails to alloc ring buffer (bnc#1012382).
- tracing: Fix possible double free on failure of allocating trace buffer
(bnc#1012382).
- tracing: Remove extra zeroing out of the ring buffer page (bnc#1012382).
- tty fix oops when rmmod 8250 (bnc#1012382).
- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices (bnc#1012382).
- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012382).
- udf: Avoid overflow when session starts at large offset (bnc#1012382).
- um: link vmlinux with -no-pie (bnc#1012382).
- usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012382).
- usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012382).
- USB: core: Add type-specific length check of BOS descriptors
(bnc#1012382).
- USB: core: prevent malicious bNumInterfaces overflow (bnc#1012382).
- USB: devio: Prevent integer overflow in proc_do_submiturb()
(bnc#1012382).
- USB: Fix off by one in type-specific length check of BOS SSP capability
(git-fixes).
- USB: fix usbmon BUG trigger (bnc#1012382).
- usb: gadget: configs: plug memory leak (bnc#1012382).
- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping
(bnc#1012382).
- USB: gadgetfs: Fix a potential memory leak in 'dev_config()'
(bnc#1012382).
- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed
(bnc#1012382).
- usb: gadget: udc: remove pointer dereference after free (bnc#1012382).
- usb: hub: Cycle HUB power when initialization fails (bnc#1012382).
- USB: Increase usbfs transfer limit (bnc#1012382).
- usbip: Fix implicit fallthrough warning (bnc#1012382).
- usbip: Fix potential format overflow in userspace tools (bnc#1012382).
- usbip: fix stub_rx: get_pipe() to validate endpoint number (bnc#1012382).
- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
(bnc#1012382).
- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer
(bnc#1012382).
- usbip: fix usbip bind writing random string after command in match_busid
(bnc#1012382).
- usbip: prevent leaking socket pointer address in messages (bnc#1012382).
- usbip: prevent vhci_hcd driver from leaking a socket pointer address
(bnc#1012382).
- usbip: remove kernel addresses from usb device and urb debug msgs
(bnc#1012382).
- usbip: stub: stop printing kernel pointer addresses in messages
(bnc#1012382).
- usbip: vhci: stop printing kernel pointer addresses in messages
(bnc#1012382).
- usb: misc: usb3503: make sure reset is low for at least 100us
(bnc#1012382).
- usb: musb: da8xx: fix babble condition handling (bnc#1012382).
- usb: phy: isp1301: Add OF device ID table (bnc#1012382).
- usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled
(git-fixes).
- usb: phy: tahvo: fix error handling in tahvo_usb_probe() (bnc#1012382).
- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub
(bnc#1012382).
- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
(bnc#1012382).
- USB: serial: cp210x: add new device ID ELV ALC 8xxx (bnc#1012382).
- USB: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012382).
- USB: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012382).
- USB: serial: option: add Quectel BG96 id (bnc#1012382).
- USB: serial: option: add support for Telit ME910 PID 0x1101
(bnc#1012382).
- USB: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012382).
- USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID
(bnc#1012382).
- USB: usbfs: Filter flags passed in from user space (bnc#1012382).
- usb: usbip: Fix possible deadlocks reported by lockdep (bnc#1012382).
- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012382).
- usb: xhci: fix panic in xhci_free_virt_devices_depth_first (bnc#1012382).
- userfaultfd: selftest: vm: allow to build in vm/ directory (bnc#1012382).
- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE (bnc#1012382).
- video: fbdev: au1200fb: Release some resources if a memory allocation
fails (bnc#1012382).
- video: fbdev: au1200fb: Return an error code if a memory allocation
fails (bnc#1012382).
- virtio: release virtio index when fail to device_register (bnc#1012382).
- vmxnet3: repair memory leak (bnc#1012382).
- vsyscall: Fix permissions for emulate mode with KAISER/PTI (bnc#1012382).
- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend
(bnc#1012382).
- vti6: Do not report path MTU below IPV6_MIN_MTU (bnc#1012382).
- vti6: fix device register to report IFLA_INFO_KIND (bnc#1012382).
- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq
(bnc#1012382).
- writeback: fix memory leak in wb_queue_work() (bnc#1012382).
- X.509: fix buffer overflow detection in sprint_oid() (bsc#1075078).
- X.509: reject invalid BIT STRING for subjectPublicKey (bnc#1012382).
- x86/acpi: Handle SCI interrupts above legacy space gracefully
(bsc#1068984).
- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
(bsc#1068984).
- x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
(bnc#1012382).
- x86/alternatives: Fix optimize_nops() checking (bnc#1012382).
- x86/apic/vector: Fix off by one in error path (bnc#1012382).
- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
(bnc#1012382).
- x86/boot: Fix early command-line parsing when matching at end
(bsc#1068032).
- x86/cpu: Factor out application of forced CPU caps (bnc#1012382).
- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).
- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).
- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).
- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).
- x86/cpu: Merge bugs.c and bugs_64.c (bnc#1012382).
- x86/cpu, x86/pti: Do not enable PTI on AMD processors (bnc#1012382).
- x86/Documentation: Add PTI description (bnc#1012382).
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt()
(bnc#1012382).
- x86/hpet: Prevent might sleep splat on resume (bnc#1012382).
- x86/kasan: Clear kasan_zero_page after TLB flush (bnc#1012382).
- x86/kasan: Write protect kasan zero shadow (bnc#1012382).
- x86/microcode/intel: Extend BDW late-loading further with LLC size check
(bnc#1012382).
- x86/microcode/intel: Extend BDW late-loading with a revision check
(bnc#1012382).
- x86/microcode/intel: Fix BDW late-loading revision check (bnc#1012382).
- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier
(git-fixes).
- x86/mm: Disable pciD on 32-bit kernels (bnc#1012382).
- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bnc#1012382).
- x86/pti: Document fix wrong index (bnc#1012382).
- x86/pti/efi: broken conversion from efi to kernel page table
(bnc#1012382).
- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).
- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active
(bsc#1068032).
- x86/smpboot: Remove stale TLB flush invocations (bnc#1012382).
- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994
bsc#1075091).
- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).
- x86/tlb: Drop the _GPL from the cpu_tlbstate export (bnc#1012382).
- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly()
(bnc#1012382).
- xen-netfront: avoid crashing on resume after a failure in
talk_to_netback() (bnc#1012382).
- xen-netfront: Improve error handling during initialization (bnc#1012382).
- xfrm: Copy policy family in clone_policy (bnc#1012382).
- xfs: add configurable error support to metadata buffers (bsc#1068569).
- xfs: add configuration handlers for specific errors (bsc#1068569).
- xfs: add configuration of error failure speed (bsc#1068569).
- xfs: add "fail at unmount" error handling configuration (bsc#1068569).
- xfs: Add infrastructure needed for error propagation during buffer IO
failure (bsc#1068569).
- xfs: address kabi for xfs buffer retry infrastructure (kabi).
- xfs: configurable error behavior via sysfs (bsc#1068569).
- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real
(bnc#1012382).
- xfs: fix log block underflow during recovery cycle verification
(bnc#1012382).
- xfs: fix up inode32/64 (re)mount handling (bsc#1069160).
- xfs: introduce metadata IO error class (bsc#1068569).
- xfs: introduce table-based init for error behaviors (bsc#1068569).
- xfs: Properly retry failed inode items in case of error during buffer
writeback (bsc#1068569).
- xfs: remove xfs_trans_ail_delete_bulk (bsc#1068569).
- xhci: Do not add a virt_dev to the devs array before it's fully
allocated (bnc#1012382).
- xhci: Fix ring leak in failure path of xhci_alloc_virt_device()
(bnc#1012382).
- xhci: plat: Register shutdown for xhci_plat (bnc#1012382).
- zram: set physical queue limits to avoid array out of bounds accesses
(bnc#1012382).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Real Time Extension 12-SP2:
zypper in -t patch SUSE-SLE-RT-12-SP2-2018-327=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Real Time Extension 12-SP2 (noarch):
kernel-devel-rt-4.4.114-27.1
kernel-source-rt-4.4.114-27.1
- SUSE Linux Enterprise Real Time Extension 12-SP2 (x86_64):
cluster-md-kmp-rt-4.4.114-27.1
cluster-md-kmp-rt-debuginfo-4.4.114-27.1
cluster-network-kmp-rt-4.4.114-27.1
cluster-network-kmp-rt-debuginfo-4.4.114-27.1
dlm-kmp-rt-4.4.114-27.1
dlm-kmp-rt-debuginfo-4.4.114-27.1
gfs2-kmp-rt-4.4.114-27.1
gfs2-kmp-rt-debuginfo-4.4.114-27.1
kernel-rt-4.4.114-27.1
kernel-rt-base-4.4.114-27.1
kernel-rt-base-debuginfo-4.4.114-27.1
kernel-rt-debuginfo-4.4.114-27.1
kernel-rt-debugsource-4.4.114-27.1
kernel-rt-devel-4.4.114-27.1
kernel-rt_debug-debuginfo-4.4.114-27.1
kernel-rt_debug-debugsource-4.4.114-27.1
kernel-rt_debug-devel-4.4.114-27.1
kernel-rt_debug-devel-debuginfo-4.4.114-27.1
kernel-syms-rt-4.4.114-27.1
ocfs2-kmp-rt-4.4.114-27.1
ocfs2-kmp-rt-debuginfo-4.4.114-27.1
References:
https://www.suse.com/security/cve/CVE-2017-15129.html
https://www.suse.com/security/cve/CVE-2017-17712.html
https://www.suse.com/security/cve/CVE-2017-17862.html
https://www.suse.com/security/cve/CVE-2017-17864.html
https://www.suse.com/security/cve/CVE-2017-18017.html
https://www.suse.com/security/cve/CVE-2017-5715.html
https://www.suse.com/security/cve/CVE-2018-1000004.html
https://www.suse.com/security/cve/CVE-2018-5332.html
https://www.suse.com/security/cve/CVE-2018-5333.html
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1019784
https://bugzilla.suse.com/1031717
https://bugzilla.suse.com/1036737
https://bugzilla.suse.com/1038078
https://bugzilla.suse.com/1038085
https://bugzilla.suse.com/1043652
https://bugzilla.suse.com/1048585
https://bugzilla.suse.com/1052360
https://bugzilla.suse.com/1060279
https://bugzilla.suse.com/1066223
https://bugzilla.suse.com/1066842
https://bugzilla.suse.com/1068032
https://bugzilla.suse.com/1068038
https://bugzilla.suse.com/1068569
https://bugzilla.suse.com/1068984
https://bugzilla.suse.com/1069160
https://bugzilla.suse.com/1070799
https://bugzilla.suse.com/1072163
https://bugzilla.suse.com/1072484
https://bugzilla.suse.com/1072589
https://bugzilla.suse.com/1073229
https://bugzilla.suse.com/1073230
https://bugzilla.suse.com/1073928
https://bugzilla.suse.com/1074134
https://bugzilla.suse.com/1074488
https://bugzilla.suse.com/1074621
https://bugzilla.suse.com/1074709
https://bugzilla.suse.com/1074839
https://bugzilla.suse.com/1074847
https://bugzilla.suse.com/1075066
https://bugzilla.suse.com/1075078
https://bugzilla.suse.com/1075087
https://bugzilla.suse.com/1075091
https://bugzilla.suse.com/1075428
https://bugzilla.suse.com/1075617
https://bugzilla.suse.com/1075621
https://bugzilla.suse.com/1075627
https://bugzilla.suse.com/1075994
https://bugzilla.suse.com/1076017
https://bugzilla.suse.com/1076110
https://bugzilla.suse.com/1076806
https://bugzilla.suse.com/1076809
https://bugzilla.suse.com/1076872
https://bugzilla.suse.com/1076899
https://bugzilla.suse.com/1077068
https://bugzilla.suse.com/1077560
https://bugzilla.suse.com/1077592
https://bugzilla.suse.com/1077871
https://bugzilla.suse.com/1078526
https://bugzilla.suse.com/1078681
https://bugzilla.suse.com/963844
https://bugzilla.suse.com/988524
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2018:0473-1: important: Security update for quagga
by opensuse-security@opensuse.org 19 Feb '18
by opensuse-security@opensuse.org 19 Feb '18
19 Feb '18
openSUSE Security Update: Security update for quagga
______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:0473-1
Rating: important
References: #1065641 #1079798 #1079799 #1079800 #1079801
Cross-References: CVE-2017-16227 CVE-2018-5378 CVE-2018-5379
CVE-2018-5380 CVE-2018-5381
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for quagga fixes the following issues:
- CVE-2017-16227: Fixed bgpd DoS via specially crafted BGP UPDATE messages
(boo#1065641)
- CVE-2018-5378: Fixed bgpd bounds check issue via attribute length
(Quagga-2018-0543,boo#1079798)
- CVE-2018-5379: Fixed bgpd double free when processing UPDATE message
(Quagga-2018-1114,boo#1079799)
- CVE-2018-5380: Fixed bgpd code-to-string conversion tables overrun
(Quagga-2018-1550,boo#1079800)
- CVE-2018-5381: Fixed bgpd infinite loop on certain invalid OPEN messages
(Quagga-2018-1975,boo#1079801)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-177=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (i586 x86_64):
libfpm_pb0-1.1.1-18.3.1
libfpm_pb0-debuginfo-1.1.1-18.3.1
libospf0-1.1.1-18.3.1
libospf0-debuginfo-1.1.1-18.3.1
libospfapiclient0-1.1.1-18.3.1
libospfapiclient0-debuginfo-1.1.1-18.3.1
libquagga_pb0-1.1.1-18.3.1
libquagga_pb0-debuginfo-1.1.1-18.3.1
libzebra1-1.1.1-18.3.1
libzebra1-debuginfo-1.1.1-18.3.1
quagga-1.1.1-18.3.1
quagga-debuginfo-1.1.1-18.3.1
quagga-debugsource-1.1.1-18.3.1
quagga-devel-1.1.1-18.3.1
References:
https://www.suse.com/security/cve/CVE-2017-16227.html
https://www.suse.com/security/cve/CVE-2018-5378.html
https://www.suse.com/security/cve/CVE-2018-5379.html
https://www.suse.com/security/cve/CVE-2018-5380.html
https://www.suse.com/security/cve/CVE-2018-5381.html
https://bugzilla.suse.com/1065641
https://bugzilla.suse.com/1079798
https://bugzilla.suse.com/1079799
https://bugzilla.suse.com/1079800
https://bugzilla.suse.com/1079801
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2018:0472-1: important: Security update for xen
by opensuse-security@opensuse.org 19 Feb '18
by opensuse-security@opensuse.org 19 Feb '18
19 Feb '18
SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:0472-1
Rating: important
References: #1027519 #1035442 #1051729 #1061081 #1068032
#1070158 #1070159 #1070160 #1070163 #1074562
#1076116 #1076180
Cross-References: CVE-2017-15595 CVE-2017-17563 CVE-2017-17564
CVE-2017-17565 CVE-2017-17566 CVE-2017-18030
CVE-2017-5715 CVE-2017-5753 CVE-2017-5754
CVE-2018-5683
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________
An update that solves 10 vulnerabilities and has two fixes
is now available.
Description:
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks
via side effects of speculative execution, aka "Spectre" and "Meltdown"
attacks (bsc#1074562, bsc#1068032)
- CVE-2017-15595: x86 PV guest OS users were able to cause a DoS
(unbounded recursion, stack consumption, and hypervisor crash) or
possibly gain privileges via crafted page-table stacking (bsc#1061081)
- CVE-2017-17566: Prevent PV guest OS users to cause a denial of service
(host OS crash) or gain host OS privileges in shadow mode by mapping a
certain auxiliary page (bsc#1070158).
- CVE-2017-17563: Prevent guest OS users to cause a denial of service
(host OS crash) or gain host OS privileges by leveraging an incorrect
mask for reference-count overflow checking in shadow mode (bsc#1070159).
- CVE-2017-17564: Prevent guest OS users to cause a denial of service
(host OS crash) or gain host OS privileges by leveraging incorrect error
handling for reference counting in shadow mode (bsc#1070160).
- CVE-2017-17565: Prevent PV guest OS users to cause a denial of service
(host OS crash) if shadow mode and log-dirty mode are in place, because
of an incorrect assertion related to M2P (bsc#1070163).
- CVE-2018-5683: The vga_draw_text function allowed local OS guest
privileged users to cause a denial of service (out-of-bounds read and
QEMU process crash) by leveraging improper memory address validation
(bsc#1076116).
- CVE-2017-18030: The cirrus_invalidate_region function allowed local OS
guest privileged users to cause a denial of service (out-of-bounds array
access and QEMU process crash) via vectors related to negative pitch
(bsc#1076180).
These non-security issues were fixed:
- bsc#1051729: Prevent invalid symlinks after install of SLES 12 SP2
- bsc#1035442: Increased the value of LIBXL_DESTROY_TIMEOUT from 10 to 100
seconds. If many domUs shutdown in parallel the backends couldn't keep up
- bsc#1027519: Added several upstream patches
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP2:
zypper in -t patch SUSE-SLE-SDK-12-SP2-2018-325=1
- SUSE Linux Enterprise Server 12-SP2:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-325=1
- SUSE Linux Enterprise Desktop 12-SP2:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2018-325=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 x86_64):
xen-debugsource-4.7.4_06-43.24.1
xen-devel-4.7.4_06-43.24.1
- SUSE Linux Enterprise Server 12-SP2 (x86_64):
xen-4.7.4_06-43.24.1
xen-debugsource-4.7.4_06-43.24.1
xen-doc-html-4.7.4_06-43.24.1
xen-libs-32bit-4.7.4_06-43.24.1
xen-libs-4.7.4_06-43.24.1
xen-libs-debuginfo-32bit-4.7.4_06-43.24.1
xen-libs-debuginfo-4.7.4_06-43.24.1
xen-tools-4.7.4_06-43.24.1
xen-tools-debuginfo-4.7.4_06-43.24.1
xen-tools-domU-4.7.4_06-43.24.1
xen-tools-domU-debuginfo-4.7.4_06-43.24.1
- SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
xen-4.7.4_06-43.24.1
xen-debugsource-4.7.4_06-43.24.1
xen-libs-32bit-4.7.4_06-43.24.1
xen-libs-4.7.4_06-43.24.1
xen-libs-debuginfo-32bit-4.7.4_06-43.24.1
xen-libs-debuginfo-4.7.4_06-43.24.1
References:
https://www.suse.com/security/cve/CVE-2017-15595.html
https://www.suse.com/security/cve/CVE-2017-17563.html
https://www.suse.com/security/cve/CVE-2017-17564.html
https://www.suse.com/security/cve/CVE-2017-17565.html
https://www.suse.com/security/cve/CVE-2017-17566.html
https://www.suse.com/security/cve/CVE-2017-18030.html
https://www.suse.com/security/cve/CVE-2017-5715.html
https://www.suse.com/security/cve/CVE-2017-5753.html
https://www.suse.com/security/cve/CVE-2017-5754.html
https://www.suse.com/security/cve/CVE-2018-5683.html
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1035442
https://bugzilla.suse.com/1051729
https://bugzilla.suse.com/1061081
https://bugzilla.suse.com/1068032
https://bugzilla.suse.com/1070158
https://bugzilla.suse.com/1070159
https://bugzilla.suse.com/1070160
https://bugzilla.suse.com/1070163
https://bugzilla.suse.com/1074562
https://bugzilla.suse.com/1076116
https://bugzilla.suse.com/1076180
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2018:0468-1: important: Security update for exim
by opensuse-security@opensuse.org 19 Feb '18
by opensuse-security@opensuse.org 19 Feb '18
19 Feb '18
openSUSE Security Update: Security update for exim
______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:0468-1
Rating: important
References: #1079832
Cross-References: CVE-2018-6789
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for exim fixes the following issues:
- CVE-2018-6789: Fixed a buffer overflow in the base64decode function,
which could be used to execute code remotely. (boo#1079832)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-170=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (x86_64):
exim-4.86.2-20.1
exim-debuginfo-4.86.2-20.1
exim-debugsource-4.86.2-20.1
eximon-4.86.2-20.1
eximon-debuginfo-4.86.2-20.1
eximstats-html-4.86.2-20.1
References:
https://www.suse.com/security/cve/CVE-2018-6789.html
https://bugzilla.suse.com/1079832
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2018:0464-1: important: Security update for p7zip
by opensuse-security@opensuse.org 16 Feb '18
by opensuse-security@opensuse.org 16 Feb '18
16 Feb '18
SUSE Security Update: Security update for p7zip
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:0464-1
Rating: important
References: #1077724 #1077725 #1077978 #984650
Cross-References: CVE-2016-1372 CVE-2017-17969 CVE-2018-5996
Affected Products:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Desktop 12-SP3
SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________
An update that solves three vulnerabilities and has one
errata is now available.
Description:
This update for p7zip fixes the following issues:
Security issues fixed:
- CVE-2016-1372: Fixed multiple vulnerabilities when processing crafted 7z
files (bsc#984650)
- CVE-2017-17969: Fixed a heap-based buffer overflow in a shrink decoder
(bsc#1077725)
- CVE-2018-5996: Fixed memory corruption in RAR decompression. The
complete RAR decoder was removed as it also has license issues
(bsc#1077724 bsc#1077978)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
zypper in -t patch SUSE-SLE-RPI-12-SP2-2018-319=1
- SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-319=1
- SUSE Linux Enterprise Server 12-SP2:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-319=1
- SUSE Linux Enterprise Desktop 12-SP3:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-319=1
- SUSE Linux Enterprise Desktop 12-SP2:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2018-319=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
p7zip-9.20.1-7.3.1
p7zip-debuginfo-9.20.1-7.3.1
p7zip-debugsource-9.20.1-7.3.1
- SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
p7zip-9.20.1-7.3.1
p7zip-debuginfo-9.20.1-7.3.1
p7zip-debugsource-9.20.1-7.3.1
- SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):
p7zip-9.20.1-7.3.1
p7zip-debuginfo-9.20.1-7.3.1
p7zip-debugsource-9.20.1-7.3.1
- SUSE Linux Enterprise Desktop 12-SP3 (x86_64):
p7zip-9.20.1-7.3.1
p7zip-debuginfo-9.20.1-7.3.1
p7zip-debugsource-9.20.1-7.3.1
- SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
p7zip-9.20.1-7.3.1
p7zip-debuginfo-9.20.1-7.3.1
p7zip-debugsource-9.20.1-7.3.1
References:
https://www.suse.com/security/cve/CVE-2016-1372.html
https://www.suse.com/security/cve/CVE-2017-17969.html
https://www.suse.com/security/cve/CVE-2018-5996.html
https://bugzilla.suse.com/1077724
https://bugzilla.suse.com/1077725
https://bugzilla.suse.com/1077978
https://bugzilla.suse.com/984650
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2018:0459-1: important: Security update for xen
by opensuse-security@opensuse.org 16 Feb '18
by opensuse-security@opensuse.org 16 Feb '18
16 Feb '18
openSUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:0459-1
Rating: important
References: #1027519 #1035442 #1051729 #1061081 #1067317
#1068032 #1070158 #1070159 #1070160 #1070163
#1074562 #1076116 #1076180
Cross-References: CVE-2017-15595 CVE-2017-17563 CVE-2017-17564
CVE-2017-17565 CVE-2017-17566 CVE-2017-18030
CVE-2017-5715 CVE-2017-5753 CVE-2017-5754
CVE-2018-5683
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that solves 10 vulnerabilities and has three
fixes is now available.
Description:
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks
via side effects of speculative execution, aka "Spectre" and "Meltdown"
attacks (bsc#1074562, bsc#1068032)
- CVE-2017-15595: x86 PV guest OS users were able to cause a DoS
(unbounded recursion, stack consumption, and hypervisor crash) or
possibly gain privileges via crafted page-table stacking (bsc#1061081)
- CVE-2017-17566: Prevent PV guest OS users to cause a denial of service
(host OS crash) or gain host OS privileges in shadow mode by mapping a
certain auxiliary page (bsc#1070158).
- CVE-2017-17563: Prevent guest OS users to cause a denial of service
(host OS crash) or gain host OS privileges by leveraging an incorrect
mask for reference-count overflow checking in shadow mode (bsc#1070159).
- CVE-2017-17564: Prevent guest OS users to cause a denial of service
(host OS crash) or gain host OS privileges by leveraging incorrect error
handling for reference counting in shadow mode (bsc#1070160).
- CVE-2017-17565: Prevent PV guest OS users to cause a denial of service
(host OS crash) if shadow mode and log-dirty mode are in place, because
of an incorrect assertion related to M2P (bsc#1070163).
- CVE-2018-5683: The vga_draw_text function allowed local OS guest
privileged users to cause a denial of service (out-of-bounds read and
QEMU process crash) by leveraging improper memory address validation
(bsc#1076116).
- CVE-2017-18030: The cirrus_invalidate_region function allowed local OS
guest privileged users to cause a denial of service (out-of-bounds array
access and QEMU process crash) via vectors related to negative pitch
(bsc#1076180).
These non-security issues were fixed:
- bsc#1067317: pass cache=writeback|unsafe|directsync to qemu depending on
the libxl disk settings
- bsc#1051729: Prevent invalid symlinks after install of SLES 12 SP2
- bsc#1035442: Increased the value of LIBXL_DESTROY_TIMEOUT from 10 to 100
seconds. If many domUs shutdown in parallel the backends couldn't keep up
- bsc#1027519: Added several upstream patches
This update was imported from the SUSE:SLE-12-SP3:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-169=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (x86_64):
xen-4.9.1_08-16.1
xen-debugsource-4.9.1_08-16.1
xen-devel-4.9.1_08-16.1
xen-doc-html-4.9.1_08-16.1
xen-libs-4.9.1_08-16.1
xen-libs-debuginfo-4.9.1_08-16.1
xen-tools-4.9.1_08-16.1
xen-tools-debuginfo-4.9.1_08-16.1
xen-tools-domU-4.9.1_08-16.1
xen-tools-domU-debuginfo-4.9.1_08-16.1
References:
https://www.suse.com/security/cve/CVE-2017-15595.html
https://www.suse.com/security/cve/CVE-2017-17563.html
https://www.suse.com/security/cve/CVE-2017-17564.html
https://www.suse.com/security/cve/CVE-2017-17565.html
https://www.suse.com/security/cve/CVE-2017-17566.html
https://www.suse.com/security/cve/CVE-2017-18030.html
https://www.suse.com/security/cve/CVE-2017-5715.html
https://www.suse.com/security/cve/CVE-2017-5753.html
https://www.suse.com/security/cve/CVE-2017-5754.html
https://www.suse.com/security/cve/CVE-2018-5683.html
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1035442
https://bugzilla.suse.com/1051729
https://bugzilla.suse.com/1061081
https://bugzilla.suse.com/1067317
https://bugzilla.suse.com/1068032
https://bugzilla.suse.com/1070158
https://bugzilla.suse.com/1070159
https://bugzilla.suse.com/1070160
https://bugzilla.suse.com/1070163
https://bugzilla.suse.com/1074562
https://bugzilla.suse.com/1076116
https://bugzilla.suse.com/1076180
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2018:0458-1: important: Security update for openssl-steam
by opensuse-security@opensuse.org 16 Feb '18
by opensuse-security@opensuse.org 16 Feb '18
16 Feb '18
openSUSE Security Update: Security update for openssl-steam
______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:0458-1
Rating: important
References: #1001148 #1009528 #1019334 #1022085 #1022086
#1022271 #982268 #982575 #983249 #984323
#990207 #990392 #990419 #990428 #991193 #991877
#992120 #993819 #994749 #994844 #995075 #995324
#995359 #995377 #998190 #999665 #999666 #999668
Cross-References: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179
CVE-2016-2180 CVE-2016-2181 CVE-2016-2182
CVE-2016-2183 CVE-2016-6302 CVE-2016-6303
CVE-2016-6304 CVE-2016-6306 CVE-2016-7052
CVE-2016-7055 CVE-2016-7056 CVE-2017-3731
CVE-2017-3732
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that solves 16 vulnerabilities and has 12 fixes
is now available.
Description:
This update for openssl-steam fixes the following issues:
- Merged changes from upstream openssl (Factory rev 137) into this fork
for Steam.
Updated to openssl 1.0.2k:
* CVE-2016-7055: Montgomery multiplication may produce incorrect results
(boo#1009528)
* CVE-2016-7056: ECSDA P-256 timing attack key recovery (boo#1019334)
* CVE-2017-3731: Truncated packet could crash via OOB read (boo#1022085)
* CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64
(boo#1022086)
Update to openssl-1.0.2j:
* CVE-2016-7052: Missing CRL sanity check (boo#1001148)
OpenSSL Security Advisory [22 Sep 2016] (boo#999665)
- Severity: High
* CVE-2016-6304: OCSP Status Request extension unbounded memory growth
(boo#999666)
- Severity: Low
* CVE-2016-2177: Pointer arithmetic undefined behaviour (boo#982575)
* CVE-2016-2178: Constant time flag not preserved in DSA signing
(boo#983249)
* CVE-2016-2179: DTLS buffered message DoS (boo#994844)
* CVE-2016-2180: OOB read in TS_OBJ_print_bio() (boo#990419)
* CVE-2016-2181: DTLS replay protection DoS (boo#994749)
* CVE-2016-2182: OOB write in BN_bn2dec() (boo#993819)
* CVE-2016-2183: Birthday attack against 64-bit block ciphers
(SWEET32) (boo#995359)
* CVE-2016-6302: Malformed SHA512 ticket DoS (boo#995324)
* CVE-2016-6303: OOB write in MDC2_Update() (boo#995377)
* CVE-2016-6306: Certificate message OOB reads (boo#999668)
ALso fixed:
- fixed a crash in print_notice (boo#998190)
- fix X509_CERT_FILE path (boo#1022271) and rename
- resume reading from /dev/urandom when interrupted by a signal
(boo#995075)
- fix problems with locking in FIPS mode (boo#992120)
* duplicates: boo#991877, boo#991193, boo#990392, boo#990428 and
boo#990207
- drop openssl-fips_RSA_compute_d_with_lcm.patch (upstream) (boo#984323)
- don't check for /etc/system-fips (boo#982268)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-168=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (i586 x86_64):
libopenssl1_0_0-steam-1.0.2k-4.3.1
libopenssl1_0_0-steam-debuginfo-1.0.2k-4.3.1
openssl-steam-debugsource-1.0.2k-4.3.1
- openSUSE Leap 42.3 (x86_64):
libopenssl1_0_0-steam-32bit-1.0.2k-4.3.1
libopenssl1_0_0-steam-debuginfo-32bit-1.0.2k-4.3.1
References:
https://www.suse.com/security/cve/CVE-2016-2177.html
https://www.suse.com/security/cve/CVE-2016-2178.html
https://www.suse.com/security/cve/CVE-2016-2179.html
https://www.suse.com/security/cve/CVE-2016-2180.html
https://www.suse.com/security/cve/CVE-2016-2181.html
https://www.suse.com/security/cve/CVE-2016-2182.html
https://www.suse.com/security/cve/CVE-2016-2183.html
https://www.suse.com/security/cve/CVE-2016-6302.html
https://www.suse.com/security/cve/CVE-2016-6303.html
https://www.suse.com/security/cve/CVE-2016-6304.html
https://www.suse.com/security/cve/CVE-2016-6306.html
https://www.suse.com/security/cve/CVE-2016-7052.html
https://www.suse.com/security/cve/CVE-2016-7055.html
https://www.suse.com/security/cve/CVE-2016-7056.html
https://www.suse.com/security/cve/CVE-2017-3731.html
https://www.suse.com/security/cve/CVE-2017-3732.html
https://bugzilla.suse.com/1001148
https://bugzilla.suse.com/1009528
https://bugzilla.suse.com/1019334
https://bugzilla.suse.com/1022085
https://bugzilla.suse.com/1022086
https://bugzilla.suse.com/1022271
https://bugzilla.suse.com/982268
https://bugzilla.suse.com/982575
https://bugzilla.suse.com/983249
https://bugzilla.suse.com/984323
https://bugzilla.suse.com/990207
https://bugzilla.suse.com/990392
https://bugzilla.suse.com/990419
https://bugzilla.suse.com/990428
https://bugzilla.suse.com/991193
https://bugzilla.suse.com/991877
https://bugzilla.suse.com/992120
https://bugzilla.suse.com/993819
https://bugzilla.suse.com/994749
https://bugzilla.suse.com/994844
https://bugzilla.suse.com/995075
https://bugzilla.suse.com/995324
https://bugzilla.suse.com/995359
https://bugzilla.suse.com/995377
https://bugzilla.suse.com/998190
https://bugzilla.suse.com/999665
https://bugzilla.suse.com/999666
https://bugzilla.suse.com/999668
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2018:0457-1: important: Security update for quagga
by opensuse-security@opensuse.org 16 Feb '18
by opensuse-security@opensuse.org 16 Feb '18
16 Feb '18
SUSE Security Update: Security update for quagga
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:0457-1
Rating: important
References: #1021669 #1065641 #1079798 #1079799 #1079800
#1079801
Cross-References: CVE-2017-16227 CVE-2017-5495 CVE-2018-5378
CVE-2018-5379 CVE-2018-5380 CVE-2018-5381
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-SP3-LTSS
SUSE Linux Enterprise Point of Sale 11-SP3
SUSE Linux Enterprise Debuginfo 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for quagga fixes the following issues:
- The Quagga BGP daemon contained a bug in the AS_PATH size calculation
that could have been exploited to facilitate a remote denial-of-service
attack via specially crafted BGP UPDATE messages. [CVE-2017-16227,
bsc#1065641]
- The Quagga BGP daemon did not check whether data sent to peers via
NOTIFY had an invalid attribute length. It was possible to exploit this
issue and cause the bgpd process to leak sensitive information over the
network to a configured peer. [CVE-2018-5378, bsc#1079798]
- The Quagga BGP daemon used to double-free memory when processing certain
forms of UPDATE messages. This issue could be exploited by sending an
optional/transitive UPDATE attribute that all conforming eBGP speakers
should pass along. Consequently, a single UPDATE message could have
affected many bgpd processes across a wide area of a network. Through
this vulnerability, attackers could potentially have taken over control
of affected bgpd processes remotely. [CVE-2018-5379, bsc#1079799]
- It was possible to overrun internal BGP code-to-string conversion tables
in the Quagga BGP daemon. Configured peers could have exploited this
issue and cause bgpd to emit debug and warning messages into the logs
that would contained arbitrary bytes. [CVE-2018-5380, bsc#1079800]
- The Quagga BGP daemon could have entered an infinite loop if sent an
invalid OPEN message by a configured peer. If this issue was exploited,
then bgpd would cease to respond to any other events. BGP sessions would
have been dropped and not be reestablished. The CLI interface would have
been unresponsive. The bgpd daemon would have stayed in this state until
restarted. [CVE-2018-5381, bsc#1079801]
- The Quagga daemon's telnet "vty" CLI contains an unbounded memory
allocation bug that could be exploited for a denial-of-service attack on
the daemon. This issue has been fixed. [CVE-2017-5495, bsc#1021669]
- The telnet "vty" CLI of the Quagga daemon is no longer enabled by
default, because the passwords in the default "zebra.conf" config file
are now disabled. The vty interface is available via "vtysh" utility
using pam authentication to permit management access for root without
password. [bsc#1021669]
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-quagga-13471=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-quagga-13471=1
- SUSE Linux Enterprise Server 11-SP3-LTSS:
zypper in -t patch slessp3-quagga-13471=1
- SUSE Linux Enterprise Point of Sale 11-SP3:
zypper in -t patch sleposp3-quagga-13471=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-quagga-13471=1
- SUSE Linux Enterprise Debuginfo 11-SP3:
zypper in -t patch dbgsp3-quagga-13471=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):
quagga-devel-0.99.15-0.30.3.1
- SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64):
quagga-0.99.15-0.30.3.1
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
quagga-0.99.15-0.30.3.1
- SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64):
quagga-0.99.15-0.30.3.1
- SUSE Linux Enterprise Point of Sale 11-SP3 (i586):
quagga-0.99.15-0.30.3.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
quagga-debuginfo-0.99.15-0.30.3.1
quagga-debugsource-0.99.15-0.30.3.1
- SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):
quagga-debuginfo-0.99.15-0.30.3.1
quagga-debugsource-0.99.15-0.30.3.1
References:
https://www.suse.com/security/cve/CVE-2017-16227.html
https://www.suse.com/security/cve/CVE-2017-5495.html
https://www.suse.com/security/cve/CVE-2018-5378.html
https://www.suse.com/security/cve/CVE-2018-5379.html
https://www.suse.com/security/cve/CVE-2018-5380.html
https://www.suse.com/security/cve/CVE-2018-5381.html
https://bugzilla.suse.com/1021669
https://bugzilla.suse.com/1065641
https://bugzilla.suse.com/1079798
https://bugzilla.suse.com/1079799
https://bugzilla.suse.com/1079800
https://bugzilla.suse.com/1079801
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2018:0456-1: important: Security update for quagga
by opensuse-security@opensuse.org 16 Feb '18
by opensuse-security@opensuse.org 16 Feb '18
16 Feb '18
SUSE Security Update: Security update for quagga
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:0456-1
Rating: important
References: #1065641 #1079798 #1079799 #1079800 #1079801
Cross-References: CVE-2017-16227 CVE-2018-5378 CVE-2018-5379
CVE-2018-5380 CVE-2018-5381
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP2
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for quagga fixes the security following issues:
- The Quagga BGP daemon contained a bug in the AS_PATH size calculation
that could have been exploited to facilitate a remote denial-of-service
attack via specially crafted BGP UPDATE messages. [CVE-2017-16227,
bsc#1065641]
- The Quagga BGP daemon did not check whether data sent to peers via
NOTIFY had an invalid attribute length. It was possible to exploit this
issue and cause the bgpd process to leak sensitive information over the
network to a configured peer. [CVE-2018-5378, bsc#1079798]
- The Quagga BGP daemon used to double-free memory when processing certain
forms of UPDATE messages. This issue could be exploited by sending an
optional/transitive UPDATE attribute that all conforming eBGP speakers
should pass along. Consequently, a single UPDATE message could have
affected many bgpd processes across a wide area of a network. Through
this vulnerability, attackers could potentially have taken over control
of affected bgpd processes remotely. [CVE-2018-5379, bsc#1079799]
- It was possible to overrun internal BGP code-to-string conversion tables
in the Quagga BGP daemon. Configured peers could have exploited this
issue and cause bgpd to emit debug and warning messages into the logs
that would contained arbitrary bytes. [CVE-2018-5380, bsc#1079800]
- The Quagga BGP daemon could have entered an infinite loop if sent an
invalid OPEN message by a configured peer. If this issue was exploited,
then bgpd would cease to respond to any other events. BGP sessions would
have been dropped and not be reestablished. The CLI interface would have
been unresponsive. The bgpd daemon would have stayed in this state until
restarted. [CVE-2018-5381, bsc#1079801]
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP3:
zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-316=1
- SUSE Linux Enterprise Software Development Kit 12-SP2:
zypper in -t patch SUSE-SLE-SDK-12-SP2-2018-316=1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
zypper in -t patch SUSE-SLE-RPI-12-SP2-2018-316=1
- SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-316=1
- SUSE Linux Enterprise Server 12-SP2:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-316=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):
quagga-debuginfo-1.1.1-17.7.1
quagga-debugsource-1.1.1-17.7.1
quagga-devel-1.1.1-17.7.1
- SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):
quagga-debuginfo-1.1.1-17.7.1
quagga-debugsource-1.1.1-17.7.1
quagga-devel-1.1.1-17.7.1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
libfpm_pb0-1.1.1-17.7.1
libfpm_pb0-debuginfo-1.1.1-17.7.1
libospf0-1.1.1-17.7.1
libospf0-debuginfo-1.1.1-17.7.1
libospfapiclient0-1.1.1-17.7.1
libospfapiclient0-debuginfo-1.1.1-17.7.1
libquagga_pb0-1.1.1-17.7.1
libquagga_pb0-debuginfo-1.1.1-17.7.1
libzebra1-1.1.1-17.7.1
libzebra1-debuginfo-1.1.1-17.7.1
quagga-1.1.1-17.7.1
quagga-debuginfo-1.1.1-17.7.1
quagga-debugsource-1.1.1-17.7.1
- SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
libfpm_pb0-1.1.1-17.7.1
libfpm_pb0-debuginfo-1.1.1-17.7.1
libospf0-1.1.1-17.7.1
libospf0-debuginfo-1.1.1-17.7.1
libospfapiclient0-1.1.1-17.7.1
libospfapiclient0-debuginfo-1.1.1-17.7.1
libquagga_pb0-1.1.1-17.7.1
libquagga_pb0-debuginfo-1.1.1-17.7.1
libzebra1-1.1.1-17.7.1
libzebra1-debuginfo-1.1.1-17.7.1
quagga-1.1.1-17.7.1
quagga-debuginfo-1.1.1-17.7.1
quagga-debugsource-1.1.1-17.7.1
- SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):
libfpm_pb0-1.1.1-17.7.1
libfpm_pb0-debuginfo-1.1.1-17.7.1
libospf0-1.1.1-17.7.1
libospf0-debuginfo-1.1.1-17.7.1
libospfapiclient0-1.1.1-17.7.1
libospfapiclient0-debuginfo-1.1.1-17.7.1
libquagga_pb0-1.1.1-17.7.1
libquagga_pb0-debuginfo-1.1.1-17.7.1
libzebra1-1.1.1-17.7.1
libzebra1-debuginfo-1.1.1-17.7.1
quagga-1.1.1-17.7.1
quagga-debuginfo-1.1.1-17.7.1
quagga-debugsource-1.1.1-17.7.1
References:
https://www.suse.com/security/cve/CVE-2017-16227.html
https://www.suse.com/security/cve/CVE-2018-5378.html
https://www.suse.com/security/cve/CVE-2018-5379.html
https://www.suse.com/security/cve/CVE-2018-5380.html
https://www.suse.com/security/cve/CVE-2018-5381.html
https://bugzilla.suse.com/1065641
https://bugzilla.suse.com/1079798
https://bugzilla.suse.com/1079799
https://bugzilla.suse.com/1079800
https://bugzilla.suse.com/1079801
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0