openSUSE Security Announce
Threads by month
- ----- 2024 -----
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
April 2018
- 1 participants
- 74 discussions
[security-announce] openSUSE-SU-2018:1093-1: important: Security update for zsh
by opensuse-security@opensuse.org 26 Apr '18
by opensuse-security@opensuse.org 26 Apr '18
26 Apr '18
openSUSE Security Update: Security update for zsh
______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:1093-1
Rating: important
References: #1082885 #1082975 #1082977 #1082991 #1082998
#1083002 #1083250 #1084656 #1087026 #896914
Cross-References: CVE-2014-10070 CVE-2014-10071 CVE-2014-10072
CVE-2016-10714 CVE-2017-18205 CVE-2017-18206
CVE-2018-1071 CVE-2018-1083 CVE-2018-7549
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that solves 9 vulnerabilities and has one errata
is now available.
Description:
This update for zsh fixes the following issues:
- CVE-2014-10070: environment variable injection could lead to local
privilege escalation (bnc#1082885)
- CVE-2014-10071: buffer overflow in exec.c could lead to denial of
service. (bnc#1082977)
- CVE-2014-10072: buffer overflow In utils.c when scanning very long
directory paths for symbolic links. (bnc#1082975)
- CVE-2016-10714: In zsh before 5.3, an off-by-one error resulted in
undersized buffers that were intended to support PATH_MAX characters.
(bnc#1083250)
- CVE-2017-18205: In builtin.c when sh compatibility mode is used, a NULL
pointer dereference could lead to denial of service (bnc#1082998)
- CVE-2018-1071: exec.c:hashcmd() function vulnerability could lead to
denial of service. (bnc#1084656)
- CVE-2018-1083: Autocomplete vulnerability could lead to privilege
escalation. (bnc#1087026)
- CVE-2018-7549: In params.c in zsh through 5.4.2, there is a crash during
a copy of an empty hash table, as demonstrated by typeset -p.
(bnc#1082991)
- CVE-2017-18206: buffer overrun in xsymlinks could lead to denial of
service (bnc#1083002)
- Autocomplete and REPORTTIME broken (bsc#896914)
This update was imported from the SUSE:SLE-12:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-399=1
Package List:
- openSUSE Leap 42.3 (x86_64):
zsh-5.0.5-9.3.1
zsh-debuginfo-5.0.5-9.3.1
zsh-debugsource-5.0.5-9.3.1
zsh-htmldoc-5.0.5-9.3.1
References:
https://www.suse.com/security/cve/CVE-2014-10070.html
https://www.suse.com/security/cve/CVE-2014-10071.html
https://www.suse.com/security/cve/CVE-2014-10072.html
https://www.suse.com/security/cve/CVE-2016-10714.html
https://www.suse.com/security/cve/CVE-2017-18205.html
https://www.suse.com/security/cve/CVE-2017-18206.html
https://www.suse.com/security/cve/CVE-2018-1071.html
https://www.suse.com/security/cve/CVE-2018-1083.html
https://www.suse.com/security/cve/CVE-2018-7549.html
https://bugzilla.suse.com/1082885
https://bugzilla.suse.com/1082975
https://bugzilla.suse.com/1082977
https://bugzilla.suse.com/1082991
https://bugzilla.suse.com/1082998
https://bugzilla.suse.com/1083002
https://bugzilla.suse.com/1083250
https://bugzilla.suse.com/1084656
https://bugzilla.suse.com/1087026
https://bugzilla.suse.com/896914
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2018:1080-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 25 Apr '18
by opensuse-security@opensuse.org 25 Apr '18
25 Apr '18
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1080-1
Rating: important
References: #1010470 #1013018 #1039348 #1052943 #1062568
#1062840 #1063416 #1063516 #1065600 #1065999
#1067118 #1067912 #1068032 #1072689 #1072865
#1075088 #1075091 #1075994 #1078669 #1078672
#1078673 #1078674 #1080464 #1080757 #1080813
#1081358 #1082091 #1082424 #1083242 #1083275
#1083483 #1083494 #1084536 #1085113 #1085279
#1085331 #1085513 #1086162 #1087092 #1087260
#1087762 #1088147 #1088260 #1089608 #909077
#940776 #943786
Cross-References: CVE-2015-5156 CVE-2016-7915 CVE-2017-0861
CVE-2017-12190 CVE-2017-13166 CVE-2017-16644
CVE-2017-16911 CVE-2017-16912 CVE-2017-16913
CVE-2017-16914 CVE-2017-18203 CVE-2017-18208
CVE-2017-5715 CVE-2018-10087 CVE-2018-6927
CVE-2018-7566 CVE-2018-7757 CVE-2018-8822
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-EXTRA
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that solves 18 vulnerabilities and has 29 fixes
is now available.
Description:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5715: Systems with microprocessors utilizing speculative
execution and indirect branch prediction may allow unauthorized
disclosure of information to an attacker with local user access via a
side-channel analysis (bnc#1068032).
Enhancements and bugfixes over the previous fixes have been added to
this kernel.
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might have
allowed local users to cause a denial of service by triggering an
attempted use of the -INT_MIN value (bnc#1089608).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial
of service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536).
- CVE-2018-7566: There was a buffer overflow via an
SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by
a local user (bnc#1083483).
- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem allowed attackers to gain privileges via
unspecified vectors (bnc#1088260).
- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel
function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious
NCPFS servers to crash the kernel or execute code (bnc#1086162).
- CVE-2017-13166: An elevation of privilege vulnerability in the kernel
v4l2 video driver. (bnc#1072865).
- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c
allowed local users to cause a denial of service (BUG) by leveraging a
race condition with __dm_destroy during creation and removal of DM
devices (bnc#1083242).
- CVE-2017-16911: The vhci_hcd driver allowed allows local attackers to
disclose kernel memory addresses. Successful exploitation requires that
a USB device is attached over IP (bnc#1078674).
- CVE-2017-18208: The madvise_willneed function in mm/madvise.c local
users to cause a denial of service (infinite loop) by triggering use of
MADVISE_WILLNEED for a DAX mapping (bnc#1083494).
- CVE-2017-16644: The hdpvr_probe function in
drivers/media/usb/hdpvr/hdpvr-core.c allowed local users to cause a
denial of service (improper error handling and system crash) or possibly
have unspecified other impact via a crafted USB device (bnc#1067118).
- CVE-2018-6927: The futex_requeue function in kernel/futex.c in the Linux
kernel might allow attackers to cause a denial of service (integer
overflow) or possibly have unspecified other impact by triggering a
negative wake or requeue value (bnc#1080757).
- CVE-2017-16914: The "stub_send_ret_submit()" function
(drivers/usb/usbip/stub_tx.c) allowed attackers to cause a denial of
service (NULL pointer dereference) via a specially crafted USB over IP
packet (bnc#1078669).
- CVE-2016-7915: The hid_input_field function in drivers/hid/hid-core.c
allowed physically proximate attackers to obtain sensitive information
from kernel memory or cause a denial of service (out-of-bounds read) by
connecting a device, as demonstrated by a Logitech DJ receiver
(bnc#1010470).
- CVE-2015-5156: The virtnet_probe function in drivers/net/virtio_net.c
attempted to support a FRAGLIST feature without proper memory
allocation, which allowed guest OS users to cause a denial of service
(buffer overflow and memory corruption) via a crafted sequence of
fragmented packets (bnc#940776).
- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions in
block/bio.c did unbalanced refcounting when a SCSI I/O vector has small
consecutive buffers belonging to the same page. The bio_add_pc_page
function merges them into one, but the page reference is never dropped.
This causes a memory leak and possible system lockup (exploitable
against the host OS by a guest OS user, if a SCSI disk is passed through
to a virtual machine) due to an out-of-memory condition (bnc#1062568).
- CVE-2017-16912: The "get_pipe()" function (drivers/usb/usbip/stub_rx.c)
allowed attackers to cause a denial of service (out-of-bounds read) via
a specially crafted USB over IP packet (bnc#1078673).
- CVE-2017-16913: The "stub_recv_cmd_submit()" function
(drivers/usb/usbip/stub_rx.c) when handling CMD_SUBMIT packets allowed
attackers to cause a denial of service (arbitrary memory allocation) via
a specially crafted USB over IP packet (bnc#1078672).
The following non-security bugs were fixed:
- af_iucv: enable control sends in case of SEND_SHUTDOWN (bnc#1085513,
LTC#165135).
- cifs: fix buffer overflow in cifs_build_path_to_root() (bsc#1085113).
- drm/mgag200: fix a test in mga_vga_mode_valid() (bsc#1087092).
- hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers)
(bnc#1013018).
- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1013018).
- ide-cd: workaround VMware ESXi cdrom emulation bug (bsc#1080813).
- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).
- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).
- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).
- jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
(git-fixes).
- kabi: x86/kaiser: properly align trampoline stack.
- keys: do not let add_key() update an uninstantiated key (bnc#1063416).
- keys: prevent creating a different user's keyrings (bnc#1065999).
- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
(bnc#1039348).
- nfsv4: fix getacl head length estimation (git-fixes).
- pci: Use function 0 VPD for identical functions, regular VPD for others
(bnc#943786 git-fixes).
- pipe: actually allow root to exceed the pipe buffer limits (git-fixes).
- posix-timers: Protect posix clock array access against speculation
(bnc#1081358).
- powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032,
bsc#1075088).
- qeth: repair SBAL elements calculation (bnc#1085513, LTC#165484).
- Revert "USB: cdc-acm: fix broken runtime suspend" (bsc#1067912)
- s390/qeth: fix underestimated count of buffer elements (bnc#1082091,
LTC#164529).
- scsi: sr: workaround VMware ESXi cdrom emulation bug (bsc#1080813).
- usbnet: Fix a race between usbnet_stop() and the BH (bsc#1083275).
- x86-64: Move the "user" vsyscall segment out of the data segment
(bsc#1082424).
- x86/espfix: Fix return stack in do_double_fault() (bsc#1085279).
- x86/kaiser: properly align trampoline stack (bsc#1087260).
- x86/retpoline: do not perform thunk calls in ring3 vsyscall code
(bsc#1085331).
- xen/x86/asm/traps: Disable tracing and kprobes in fixup_bad_iret and
sync_regs (bsc#909077).
- xen/x86/cpu: Check speculation control CPUID bit (bsc#1068032).
- xen/x86/cpu: Factor out application of forced CPU caps (bsc#1075994
bsc#1075091).
- xen/x86/cpu: Fix bootup crashes by sanitizing the argument of the
'clearcpuid=' command-line option (bsc#1065600).
- xen/x86/cpu: Sync CPU feature flags late (bsc#1075994 bsc#1075091).
- xen/x86/entry: Use IBRS on entry to kernel space (bsc#1068032).
- xen/x86/idle: Toggle IBRS when going idle (bsc#1068032).
- xen/x86/kaiser: Move feature detection up (bsc#1068032).
- xfs: check for buffer errors before waiting (bsc#1052943).
- xfs: fix allocbt cursor leak in xfs_alloc_ag_vextent_near (bsc#1087762).
- xfs: really fix the cursor leak in xfs_alloc_ag_vextent_near
(bsc#1087762).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-kernel-source-20180417-13574=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-kernel-source-20180417-13574=1
- SUSE Linux Enterprise Server 11-EXTRA:
zypper in -t patch slexsp3-kernel-source-20180417-13574=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-kernel-source-20180417-13574=1
Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch):
kernel-docs-3.0.101-108.38.1
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
kernel-default-3.0.101-108.38.1
kernel-default-base-3.0.101-108.38.1
kernel-default-devel-3.0.101-108.38.1
kernel-source-3.0.101-108.38.1
kernel-syms-3.0.101-108.38.1
kernel-trace-3.0.101-108.38.1
kernel-trace-base-3.0.101-108.38.1
kernel-trace-devel-3.0.101-108.38.1
- SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):
kernel-ec2-3.0.101-108.38.1
kernel-ec2-base-3.0.101-108.38.1
kernel-ec2-devel-3.0.101-108.38.1
kernel-xen-3.0.101-108.38.1
kernel-xen-base-3.0.101-108.38.1
kernel-xen-devel-3.0.101-108.38.1
- SUSE Linux Enterprise Server 11-SP4 (s390x):
kernel-default-man-3.0.101-108.38.1
- SUSE Linux Enterprise Server 11-SP4 (ppc64):
kernel-bigmem-3.0.101-108.38.1
kernel-bigmem-base-3.0.101-108.38.1
kernel-bigmem-devel-3.0.101-108.38.1
kernel-ppc64-3.0.101-108.38.1
kernel-ppc64-base-3.0.101-108.38.1
kernel-ppc64-devel-3.0.101-108.38.1
- SUSE Linux Enterprise Server 11-SP4 (i586):
kernel-pae-3.0.101-108.38.1
kernel-pae-base-3.0.101-108.38.1
kernel-pae-devel-3.0.101-108.38.1
- SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):
kernel-default-extra-3.0.101-108.38.1
- SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):
kernel-xen-extra-3.0.101-108.38.1
- SUSE Linux Enterprise Server 11-EXTRA (x86_64):
kernel-trace-extra-3.0.101-108.38.1
- SUSE Linux Enterprise Server 11-EXTRA (ppc64):
kernel-ppc64-extra-3.0.101-108.38.1
- SUSE Linux Enterprise Server 11-EXTRA (i586):
kernel-pae-extra-3.0.101-108.38.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
kernel-default-debuginfo-3.0.101-108.38.1
kernel-default-debugsource-3.0.101-108.38.1
kernel-trace-debuginfo-3.0.101-108.38.1
kernel-trace-debugsource-3.0.101-108.38.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64):
kernel-default-devel-debuginfo-3.0.101-108.38.1
kernel-trace-devel-debuginfo-3.0.101-108.38.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):
kernel-ec2-debuginfo-3.0.101-108.38.1
kernel-ec2-debugsource-3.0.101-108.38.1
kernel-xen-debuginfo-3.0.101-108.38.1
kernel-xen-debugsource-3.0.101-108.38.1
kernel-xen-devel-debuginfo-3.0.101-108.38.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):
kernel-bigmem-debuginfo-3.0.101-108.38.1
kernel-bigmem-debugsource-3.0.101-108.38.1
kernel-ppc64-debuginfo-3.0.101-108.38.1
kernel-ppc64-debugsource-3.0.101-108.38.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586):
kernel-pae-debuginfo-3.0.101-108.38.1
kernel-pae-debugsource-3.0.101-108.38.1
kernel-pae-devel-debuginfo-3.0.101-108.38.1
References:
https://www.suse.com/security/cve/CVE-2015-5156.html
https://www.suse.com/security/cve/CVE-2016-7915.html
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2017-12190.html
https://www.suse.com/security/cve/CVE-2017-13166.html
https://www.suse.com/security/cve/CVE-2017-16644.html
https://www.suse.com/security/cve/CVE-2017-16911.html
https://www.suse.com/security/cve/CVE-2017-16912.html
https://www.suse.com/security/cve/CVE-2017-16913.html
https://www.suse.com/security/cve/CVE-2017-16914.html
https://www.suse.com/security/cve/CVE-2017-18203.html
https://www.suse.com/security/cve/CVE-2017-18208.html
https://www.suse.com/security/cve/CVE-2017-5715.html
https://www.suse.com/security/cve/CVE-2018-10087.html
https://www.suse.com/security/cve/CVE-2018-6927.html
https://www.suse.com/security/cve/CVE-2018-7566.html
https://www.suse.com/security/cve/CVE-2018-7757.html
https://www.suse.com/security/cve/CVE-2018-8822.html
https://bugzilla.suse.com/1010470
https://bugzilla.suse.com/1013018
https://bugzilla.suse.com/1039348
https://bugzilla.suse.com/1052943
https://bugzilla.suse.com/1062568
https://bugzilla.suse.com/1062840
https://bugzilla.suse.com/1063416
https://bugzilla.suse.com/1063516
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1065999
https://bugzilla.suse.com/1067118
https://bugzilla.suse.com/1067912
https://bugzilla.suse.com/1068032
https://bugzilla.suse.com/1072689
https://bugzilla.suse.com/1072865
https://bugzilla.suse.com/1075088
https://bugzilla.suse.com/1075091
https://bugzilla.suse.com/1075994
https://bugzilla.suse.com/1078669
https://bugzilla.suse.com/1078672
https://bugzilla.suse.com/1078673
https://bugzilla.suse.com/1078674
https://bugzilla.suse.com/1080464
https://bugzilla.suse.com/1080757
https://bugzilla.suse.com/1080813
https://bugzilla.suse.com/1081358
https://bugzilla.suse.com/1082091
https://bugzilla.suse.com/1082424
https://bugzilla.suse.com/1083242
https://bugzilla.suse.com/1083275
https://bugzilla.suse.com/1083483
https://bugzilla.suse.com/1083494
https://bugzilla.suse.com/1084536
https://bugzilla.suse.com/1085113
https://bugzilla.suse.com/1085279
https://bugzilla.suse.com/1085331
https://bugzilla.suse.com/1085513
https://bugzilla.suse.com/1086162
https://bugzilla.suse.com/1087092
https://bugzilla.suse.com/1087260
https://bugzilla.suse.com/1087762
https://bugzilla.suse.com/1088147
https://bugzilla.suse.com/1088260
https://bugzilla.suse.com/1089608
https://bugzilla.suse.com/909077
https://bugzilla.suse.com/940776
https://bugzilla.suse.com/943786
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2018:1077-1: important: Security update for kvm
by opensuse-security@opensuse.org 25 Apr '18
by opensuse-security@opensuse.org 25 Apr '18
25 Apr '18
SUSE Security Update: Security update for kvm
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1077-1
Rating: important
References: #1068032 #1076114 #1076179 #1082276 #1083291
Cross-References: CVE-2017-18030 CVE-2017-5715 CVE-2018-5683
CVE-2018-7550
Affected Products:
SUSE Linux Enterprise Server 11-SP4
______________________________________________________________________________
An update that solves four vulnerabilities and has one
errata is now available.
Description:
This update for kvm fixes the following issues:
- This update has the next round of Spectre v2 related patches, which now
integrates with corresponding changes in libvirt. A January 2018 release
of qemu initially addressed the Spectre v2 vulnerability for KVM guests
by exposing the spec-ctrl feature for all x86 vcpu types, which was the
quick and dirty approach, but not the proper solution. We remove that
initial patch and now rely on patches from upstream. This update defines
spec_ctrl and ibpb cpu feature flags as well as new cpu models which are
clones
of existing models with either -IBRS or -IBPB added to the end of the
model name. These new vcpu models explicitly include the new
feature(s), whereas the feature flags can be added to the cpu parameter
as with other features. In short, for continued Spectre v2 protection,
ensure that either the appropriate cpu feature flag is added to the
QEMU command-line, or one of the new cpu models is used. Although
migration from older versions is supported, the new cpu features won't
be properly exposed to the guest until it is restarted with the cpu
features explicitly added. A reboot is insufficient.
- A warning patch is added which attempts to detect a migration from a
qemu version which had the quick and dirty fix (it only detects certain
cases, but hopefully is helpful.) For additional information on Spectre
v2 as it relates to QEMU, see:
https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/
(CVE-2017-5715 bsc#1068032)
- A patch is added to continue to detect Spectre v2 mitigation features
(as shown by cpuid), and if found provide that feature to guests, even
if running on older KVM (kernel) versions which do not yet expose that
feature to QEMU. (bsc#1082276) These two patches will be removed when we
can reasonably assume everyone is running with the appropriate updates.
- Security fixes for the following CVE issues: (bsc#1076114 CVE-2018-5683)
(bsc#1083291 CVE-2018-7550)
- This patch is already included, add here for CVE track (bsc#1076179
CVE-2017-18030)
- Toolchain changes have cause the built size of pxe-virtio.rom to exceed
64K. Tweak rarely used strings in code to reduce size of the binary so
it fits again.
- Eliminate bogus use of CPUID_7_0_EDX_PRED_CMD which we've carried since
the initial Spectre v2 patch was added. EDX bit 27 of CPUID Leaf 07H,
Sub-leaf 0 provides status on STIBP, and not the PRED_CMD MSR. Exposing
the STIBP CPUID feature bit to the guest is wrong in general, since the
VM doesn't directly control the scheduling of physical hyperthreads.
This is left strictly to the L0 hypervisor.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-kvm-13571=1
Package List:
- SUSE Linux Enterprise Server 11-SP4 (i586 s390x x86_64):
kvm-1.4.2-60.9.1
References:
https://www.suse.com/security/cve/CVE-2017-18030.html
https://www.suse.com/security/cve/CVE-2017-5715.html
https://www.suse.com/security/cve/CVE-2018-5683.html
https://www.suse.com/security/cve/CVE-2018-7550.html
https://bugzilla.suse.com/1068032
https://bugzilla.suse.com/1076114
https://bugzilla.suse.com/1076179
https://bugzilla.suse.com/1082276
https://bugzilla.suse.com/1083291
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2018:1072-1: important: Security update for zsh
by opensuse-security@opensuse.org 25 Apr '18
by opensuse-security@opensuse.org 25 Apr '18
25 Apr '18
SUSE Security Update: Security update for zsh
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1072-1
Rating: important
References: #1082885 #1082975 #1082977 #1082991 #1082998
#1083002 #1083250 #1084656 #1087026 #896914
Cross-References: CVE-2014-10070 CVE-2014-10071 CVE-2014-10072
CVE-2016-10714 CVE-2017-18205 CVE-2017-18206
CVE-2018-1071 CVE-2018-1083 CVE-2018-7549
Affected Products:
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Desktop 12-SP3
______________________________________________________________________________
An update that solves 9 vulnerabilities and has one errata
is now available.
Description:
This update for zsh fixes the following issues:
- CVE-2014-10070: environment variable injection could lead to local
privilege escalation (bnc#1082885)
- CVE-2014-10071: buffer overflow in exec.c could lead to denial of
service. (bnc#1082977)
- CVE-2014-10072: buffer overflow In utils.c when scanning very long
directory paths for symbolic links. (bnc#1082975)
- CVE-2016-10714: In zsh before 5.3, an off-by-one error resulted in
undersized buffers that were intended to support PATH_MAX characters.
(bnc#1083250)
- CVE-2017-18205: In builtin.c when sh compatibility mode is used, a
NULL pointer dereference could lead to denial of service (bnc#1082998)
- CVE-2018-1071: exec.c:hashcmd() function vulnerability could lead to
denial of service. (bnc#1084656)
- CVE-2018-1083: Autocomplete vulnerability could lead to privilege
escalation. (bnc#1087026)
- CVE-2018-7549: In params.c in zsh through 5.4.2, there is a crash
during a copy of an empty hash table, as demonstrated by typeset -p.
(bnc#1082991)
- CVE-2017-18206: buffer overrun in xsymlinks could lead to denial of
service (bnc#1083002)
- Autocomplete and REPORTTIME broken (bsc#896914)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-733=1
- SUSE Linux Enterprise Desktop 12-SP3:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-733=1
Package List:
- SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
zsh-5.0.5-6.7.2
zsh-debuginfo-5.0.5-6.7.2
zsh-debugsource-5.0.5-6.7.2
- SUSE Linux Enterprise Desktop 12-SP3 (x86_64):
zsh-5.0.5-6.7.2
zsh-debuginfo-5.0.5-6.7.2
zsh-debugsource-5.0.5-6.7.2
References:
https://www.suse.com/security/cve/CVE-2014-10070.html
https://www.suse.com/security/cve/CVE-2014-10071.html
https://www.suse.com/security/cve/CVE-2014-10072.html
https://www.suse.com/security/cve/CVE-2016-10714.html
https://www.suse.com/security/cve/CVE-2017-18205.html
https://www.suse.com/security/cve/CVE-2017-18206.html
https://www.suse.com/security/cve/CVE-2018-1071.html
https://www.suse.com/security/cve/CVE-2018-1083.html
https://www.suse.com/security/cve/CVE-2018-7549.html
https://bugzilla.suse.com/1082885
https://bugzilla.suse.com/1082975
https://bugzilla.suse.com/1082977
https://bugzilla.suse.com/1082991
https://bugzilla.suse.com/1082998
https://bugzilla.suse.com/1083002
https://bugzilla.suse.com/1083250
https://bugzilla.suse.com/1084656
https://bugzilla.suse.com/1087026
https://bugzilla.suse.com/896914
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2018:1057-1: important: Security update for virtualbox
by opensuse-security@opensuse.org 24 Apr '18
by opensuse-security@opensuse.org 24 Apr '18
24 Apr '18
openSUSE Security Update: Security update for virtualbox
______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:1057-1
Rating: important
References: #1089997
Cross-References: CVE-2017-3737 CVE-2017-9798 CVE-2018-0739
CVE-2018-2830 CVE-2018-2831 CVE-2018-2835
CVE-2018-2836 CVE-2018-2837 CVE-2018-2842
CVE-2018-2843 CVE-2018-2844 CVE-2018-2845
CVE-2018-2860
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that fixes 13 vulnerabilities is now available.
Description:
This update for VirtualBox to version 5.1.36 fixes multiple issues:
Security issues fixed:
- CVE-2018-0739: Unauthorized remote attacker may have caused a hang or
frequently repeatable crash (complete DOS)
- CVE-2018-2830: Attacker with host login may have compromised Virtualbox
or further system services after interaction with a third user
- CVE-2018-2831: Attacker with host login may have compromised VirtualBox
or further system services, allowing read access to some data
- CVE-2018-2835: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2836: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2837: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2842: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2843: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2844: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2845: Attacker with host login may have caused a hang or
frequently repeatable crash (complete DOS), and perform unauthorized
read and write operation to some VirtualBox accessible data
- CVE-2018-2860: Privileged attacker may have gained control over
VirtualBox and possibly further system services
http://www.oracle.com/technetwork/security-advisory/cpuapr2018verbose-36781
08.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
#AppendixOVIR
This update also contains all upstream fixes and improvements in the
stable 5.1.36 release.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-389=1
Package List:
- openSUSE Leap 42.3 (noarch):
virtualbox-guest-desktop-icons-5.1.36-50.1
virtualbox-guest-source-5.1.36-50.1
virtualbox-host-source-5.1.36-50.1
- openSUSE Leap 42.3 (x86_64):
python-virtualbox-5.1.36-50.1
python-virtualbox-debuginfo-5.1.36-50.1
virtualbox-5.1.36-50.1
virtualbox-debuginfo-5.1.36-50.1
virtualbox-debugsource-5.1.36-50.1
virtualbox-devel-5.1.36-50.1
virtualbox-guest-kmp-default-5.1.36_k4.4.126_48-50.1
virtualbox-guest-kmp-default-debuginfo-5.1.36_k4.4.126_48-50.1
virtualbox-guest-tools-5.1.36-50.1
virtualbox-guest-tools-debuginfo-5.1.36-50.1
virtualbox-guest-x11-5.1.36-50.1
virtualbox-guest-x11-debuginfo-5.1.36-50.1
virtualbox-host-kmp-default-5.1.36_k4.4.126_48-50.1
virtualbox-host-kmp-default-debuginfo-5.1.36_k4.4.126_48-50.1
virtualbox-qt-5.1.36-50.1
virtualbox-qt-debuginfo-5.1.36-50.1
virtualbox-vnc-5.1.36-50.1
virtualbox-websrv-5.1.36-50.1
virtualbox-websrv-debuginfo-5.1.36-50.1
References:
https://www.suse.com/security/cve/CVE-2017-3737.html
https://www.suse.com/security/cve/CVE-2017-9798.html
https://www.suse.com/security/cve/CVE-2018-0739.html
https://www.suse.com/security/cve/CVE-2018-2830.html
https://www.suse.com/security/cve/CVE-2018-2831.html
https://www.suse.com/security/cve/CVE-2018-2835.html
https://www.suse.com/security/cve/CVE-2018-2836.html
https://www.suse.com/security/cve/CVE-2018-2837.html
https://www.suse.com/security/cve/CVE-2018-2842.html
https://www.suse.com/security/cve/CVE-2018-2843.html
https://www.suse.com/security/cve/CVE-2018-2844.html
https://www.suse.com/security/cve/CVE-2018-2845.html
https://www.suse.com/security/cve/CVE-2018-2860.html
https://bugzilla.suse.com/1089997
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2018:1056-1: important: Security update for hdf5
by opensuse-security@opensuse.org 24 Apr '18
by opensuse-security@opensuse.org 24 Apr '18
24 Apr '18
openSUSE Security Update: Security update for hdf5
______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:1056-1
Rating: important
References: #1011198 #1011201 #1011204 #1011205
Cross-References: CVE-2016-4330 CVE-2016-4331 CVE-2016-4332
CVE-2016-4333
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for hdf5 fixes the following issues:
- fix security issues (arbitary code execution): CVE-2016-4330: H5T_ARRAY
Code Execution (boo#1011201) CVE-2016-4331: H5Z_NBIT Code Execution
(boo#1011204) CVE-2016-4332: Shareable Message Type Code Execution
(boo#1011205) CVE-2016-4333: Array index bounds issue (boo#1011198)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-392=1
Package List:
- openSUSE Leap 42.3 (x86_64):
hdf5-1.8.15-7.3.1
hdf5-debuginfo-1.8.15-7.3.1
hdf5-debugsource-1.8.15-7.3.1
hdf5-devel-1.8.15-7.3.1
hdf5-devel-data-1.8.15-7.3.1
hdf5-devel-static-1.8.15-7.3.1
hdf5-examples-1.8.15-7.3.1
hdf5-openmpi-1.8.15-7.3.1
hdf5-openmpi-debuginfo-1.8.15-7.3.1
hdf5-openmpi-devel-1.8.15-7.3.1
hdf5-openmpi-devel-static-1.8.15-7.3.1
libhdf5-10-1.8.15-7.3.1
libhdf5-10-debuginfo-1.8.15-7.3.1
libhdf5-10-openmpi-1.8.15-7.3.1
libhdf5-10-openmpi-debuginfo-1.8.15-7.3.1
libhdf5_hl10-1.8.15-7.3.1
libhdf5_hl10-debuginfo-1.8.15-7.3.1
libhdf5_hl10-openmpi-1.8.15-7.3.1
libhdf5_hl10-openmpi-debuginfo-1.8.15-7.3.1
References:
https://www.suse.com/security/cve/CVE-2016-4330.html
https://www.suse.com/security/cve/CVE-2016-4331.html
https://www.suse.com/security/cve/CVE-2016-4332.html
https://www.suse.com/security/cve/CVE-2016-4333.html
https://bugzilla.suse.com/1011198
https://bugzilla.suse.com/1011201
https://bugzilla.suse.com/1011204
https://bugzilla.suse.com/1011205
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2018:1051-1: important: Security update for hdf5
by opensuse-security@opensuse.org 24 Apr '18
by opensuse-security@opensuse.org 24 Apr '18
24 Apr '18
openSUSE Security Update: Security update for hdf5
______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:1051-1
Rating: important
References: #1011198 #1011201 #1011204 #1011205
Cross-References: CVE-2016-4330 CVE-2016-4331 CVE-2016-4332
CVE-2016-4333
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for hdf5 fixes the following issues:
- fix security issues (arbitary code execution): CVE-2016-4330: H5T_ARRAY
Code Execution (boo#1011201) CVE-2016-4331: H5Z_NBIT Code Execution
(boo#1011204) CVE-2016-4332: Shareable Message Type Code Execution
(boo#1011205) CVE-2016-4333: Array index bounds issue (boo#1011198)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Package Hub for SUSE Linux Enterprise 12:
zypper in -t patch openSUSE-2018-392=1
Package List:
- SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64):
hdf5-1.8.17-5.1
hdf5-devel-1.8.17-5.1
hdf5-devel-data-1.8.17-5.1
hdf5-devel-static-1.8.17-5.1
hdf5-examples-1.8.17-5.1
hdf5-openmpi-1.8.17-5.1
hdf5-openmpi-devel-1.8.17-5.1
hdf5-openmpi-devel-static-1.8.17-5.1
libhdf5-10-1.8.17-5.1
libhdf5-10-openmpi-1.8.17-5.1
libhdf5_cpp12-1.8.17-5.1
libhdf5_fortran10-1.8.17-5.1
libhdf5_fortran10-openmpi-1.8.17-5.1
libhdf5_hl10-1.8.17-5.1
libhdf5_hl10-openmpi-1.8.17-5.1
libhdf5_hl_cpp11-1.8.17-5.1
libhdf5hl_fortran10-1.8.17-5.1
libhdf5hl_fortran10-openmpi-1.8.17-5.1
- SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 s390x x86_64):
hdf5-debuginfo-1.8.17-5.1
hdf5-debugsource-1.8.17-5.1
hdf5-openmpi-debuginfo-1.8.17-5.1
libhdf5-10-debuginfo-1.8.17-5.1
libhdf5-10-openmpi-debuginfo-1.8.17-5.1
libhdf5_cpp12-debuginfo-1.8.17-5.1
libhdf5_fortran10-debuginfo-1.8.17-5.1
libhdf5_fortran10-openmpi-debuginfo-1.8.17-5.1
libhdf5_hl10-debuginfo-1.8.17-5.1
libhdf5_hl10-openmpi-debuginfo-1.8.17-5.1
libhdf5_hl_cpp11-debuginfo-1.8.17-5.1
libhdf5hl_fortran10-debuginfo-1.8.17-5.1
libhdf5hl_fortran10-openmpi-debuginfo-1.8.17-5.1
References:
https://www.suse.com/security/cve/CVE-2016-4330.html
https://www.suse.com/security/cve/CVE-2016-4331.html
https://www.suse.com/security/cve/CVE-2016-4332.html
https://www.suse.com/security/cve/CVE-2016-4333.html
https://bugzilla.suse.com/1011198
https://bugzilla.suse.com/1011201
https://bugzilla.suse.com/1011204
https://bugzilla.suse.com/1011205
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2018:1049-1: important: Security update for PackageKit
by opensuse-security@opensuse.org 23 Apr '18
by opensuse-security@opensuse.org 23 Apr '18
23 Apr '18
openSUSE Security Update: Security update for PackageKit
______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:1049-1
Rating: important
References: #1086936
Cross-References: CVE-2018-1106
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for PackageKit fixes the following security issue:
- CVE-2018-1106: Drop the polkit rule which could allow users in wheel
group to install packages without root password (bsc#1086936).
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-386=1
Package List:
- openSUSE Leap 42.3 (i586 x86_64):
PackageKit-1.1.3-5.3.1
PackageKit-backend-zypp-1.1.3-5.3.1
PackageKit-backend-zypp-debuginfo-1.1.3-5.3.1
PackageKit-debuginfo-1.1.3-5.3.1
PackageKit-debugsource-1.1.3-5.3.1
PackageKit-devel-1.1.3-5.3.1
PackageKit-devel-debuginfo-1.1.3-5.3.1
PackageKit-gstreamer-plugin-1.1.3-5.3.1
PackageKit-gstreamer-plugin-debuginfo-1.1.3-5.3.1
PackageKit-gtk3-module-1.1.3-5.3.1
PackageKit-gtk3-module-debuginfo-1.1.3-5.3.1
libpackagekit-glib2-18-1.1.3-5.3.1
libpackagekit-glib2-18-debuginfo-1.1.3-5.3.1
libpackagekit-glib2-devel-1.1.3-5.3.1
typelib-1_0-PackageKitGlib-1_0-1.1.3-5.3.1
- openSUSE Leap 42.3 (x86_64):
libpackagekit-glib2-18-32bit-1.1.3-5.3.1
libpackagekit-glib2-18-debuginfo-32bit-1.1.3-5.3.1
libpackagekit-glib2-devel-32bit-1.1.3-5.3.1
- openSUSE Leap 42.3 (noarch):
PackageKit-branding-upstream-1.1.3-5.3.1
PackageKit-lang-1.1.3-5.3.1
References:
https://www.suse.com/security/cve/CVE-2018-1106.html
https://bugzilla.suse.com/1086936
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2018:1048-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 23 Apr '18
by opensuse-security@opensuse.org 23 Apr '18
23 Apr '18
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1048-1
Rating: important
References: #1012382 #1019695 #1019699 #1022604 #1031717
#1046610 #1060799 #1064206 #1068032 #1073059
#1073069 #1075428 #1076033 #1077560 #1083574
#1083745 #1083836 #1084223 #1084310 #1084328
#1084353 #1084452 #1084610 #1084699 #1084829
#1084889 #1084898 #1084914 #1084918 #1084967
#1085042 #1085058 #1085224 #1085383 #1085402
#1085404 #1085487 #1085507 #1085511 #1085679
#1085981 #1086015 #1086162 #1086194 #1086357
#1086499 #1086518 #1086607 #1087088 #1087211
#1087231 #1087260 #1087274 #1087659 #1087845
#1087906 #1087999 #1088050 #1088087 #1088241
#1088267 #1088313 #1088324 #1088600 #1088684
#1088871 #802154
Cross-References: CVE-2017-18257 CVE-2018-1091 CVE-2018-7740
CVE-2018-8043 CVE-2018-8822
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Live Patching 12-SP3
SUSE Linux Enterprise High Availability 12-SP3
SUSE Linux Enterprise Desktop 12-SP3
SUSE CaaS Platform ALL
______________________________________________________________________________
An update that solves 5 vulnerabilities and has 62 fixes is
now available.
Description:
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.126 to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1091: In the flush_tmregs_to_thread function in
arch/powerpc/kernel/ptrace.c, a guest kernel crash can be triggered from
unprivileged userspace during a core dump on a POWER host due to a
missing processor feature check and an erroneous use of transactional
memory (TM) instructions in the core dump path, leading to a denial of
service (bnc#1087231).
- CVE-2018-7740: The resv_map_release function in mm/hugetlb.c allowed
local users to cause a denial of service (BUG) via a crafted application
that made mmap system calls and has a large pgoff argument to the
remap_file_pages system call (bnc#1084353).
- CVE-2018-8043: The unimac_mdio_probe function in
drivers/net/phy/mdio-bcm-unimac.c did not validate certain resource
availability, which allowed local users to cause a denial of service
(NULL pointer dereference) (bnc#1084829).
- CVE-2017-18257: The __get_data_block function in fs/f2fs/data.c allowed
local users to cause a denial of service (integer overflow and loop) via
crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP
ioctl. (bnc#1088241)
- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel
function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious
NCPFS servers to crash the kernel or execute code (bnc#1086162).
The following non-security bugs were fixed:
- acpica: Add header support for TPM2 table changes (bsc#1084452).
- acpica: Add support for new SRAT subtable (bsc#1085981).
- acpica: iasl: Update to IORT SMMUv3 disassembling (bsc#1085981).
- acpi/iort: numa: Add numa node mapping for smmuv3 devices (bsc#1085981).
- acpi, numa: fix pxm to online numa node associations (bnc#1012382).
- acpi / pmic: xpower: Fix power_table addresses (bnc#1012382).
- acpi/processor: Fix error handling in __acpi_processor_start()
(bnc#1012382).
- acpi/processor: Replace racy task affinity logic (bnc#1012382).
- add mainline tag to various patches to be able to get further work done
- af_iucv: enable control sends in case of SEND_SHUTDOWN (bnc#1085507,
LTC#165135).
- agp/intel: Flush all chipset writes after updating the GGTT
(bnc#1012382).
- ahci: Add PCI-id for the Highpoint Rocketraid 644L card (bnc#1012382).
- alsa: aloop: Fix access to not-yet-ready substream via cable
(bnc#1012382).
- alsa: aloop: Sync stale timer before release (bnc#1012382).
- alsa: firewire-digi00x: handle all MIDI messages on streaming packets
(bnc#1012382).
- alsa: hda: Add a power_save blacklist (bnc#1012382).
- alsa: hda: add dock and led support for HP EliteBook 820 G3
(bnc#1012382).
- alsa: hda: add dock and led support for HP ProBook 640 G2 (bnc#1012382).
- alsa: hda/realtek - Always immediately update mute LED with pin VREF
(bnc#1012382).
- alsa: hda/realtek - Fix dock line-out volume on Dell Precision 7520
(bnc#1012382).
- alsa: hda/realtek - Fix speaker no sound after system resume
(bsc#1031717).
- alsa: hda - Revert power_save option default value (git-fixes).
- alsa: pcm: Fix UAF in snd_pcm_oss_get_formats() (bnc#1012382).
- alsa: usb-audio: Add a quirck for B&W PX headphones (bnc#1012382).
- alsa: usb-audio: Fix parsing descriptor of UAC2 processing unit
(bnc#1012382).
- apparmor: Make path_max parameter readonly (bnc#1012382).
- arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
(bsc#1068032).
- arm64: Add missing Falkor part number for branch predictor hardening
(bsc#1068032).
- arm64: capabilities: Handle duplicate entries for a capability
(bsc#1068032).
- arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early
(bsc#1068032).
- arm64 / cpuidle: Use new cpuidle macro for entering retention state
(bsc#1084328).
- arm64: Enforce BBM for huge IO/VMAP mappings (bsc#1088313).
- arm64: fix smccc compilation (bsc#1068032).
- arm64: Kill PSCI_GET_VERSION as a variant-2 workaround (bsc#1068032).
- arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling (bsc#1068032).
- arm64: KVM: Increment PC after handling an SMC trap (bsc#1068032).
- arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
(bsc#1068032).
- arm64: mm: do not write garbage into TTBR1_EL1 register (bsc#1085487).
- arm64: mm: fix thinko in non-global page table attribute check
(bsc#1088050).
- arm64: Relax ARM_SMCCC_ARCH_WORKAROUND_1 discovery (bsc#1068032).
- arm: 8668/1: ftrace: Fix dynamic ftrace with DEBUG_RODATA and
!FRAME_POINTER (bnc#1012382).
- arm/arm64: KVM: Add PSCI_VERSION helper (bsc#1068032).
- arm/arm64: KVM: Add smccc accessors to PSCI code (bsc#1068032).
- arm/arm64: KVM: Advertise SMCCC v1.1 (bsc#1068032).
- arm/arm64: KVM: Consolidate the PSCI include files (bsc#1068032).
- arm/arm64: KVM: Implement PSCI 1.0 support (bsc#1068032).
- arm/arm64: KVM: Turn kvm_psci_version into a static inline (bsc#1068032).
- arm/arm64: smccc: Implement SMCCC v1.1 inline primitive (bsc#1068032).
- arm/arm64: smccc: Make function identifiers an unsigned quantity
(bsc#1068032).
- arm: DRA7: clockdomain: Change the CLKTRCTRL of CM_PCIE_CLKSTCTRL to
SW_WKUP (bnc#1012382).
- arm: dts: Adjust moxart IRQ controller and flags (bnc#1012382).
- arm: dts: am335x-pepper: Fix the audio CODEC's reset pin (bnc#1012382).
- arm: dts: exynos: Correct Trats2 panel reset line (bnc#1012382).
- arm: dts: koelsch: Correct clock frequency of X2 DU clock input
(bnc#1012382).
- arm: dts: LogicPD Torpedo: Fix I2C1 pinmux (bnc#1012382).
- arm: dts: LogicPD Torpedo: Fix I2C1 pinmux (bnc#1012382).
- arm: dts: omap3-n900: Fix the audio CODEC's reset pin (bnc#1012382).
- arm: dts: r8a7790: Correct parent of SSI[0-9] clocks (bnc#1012382).
- arm: dts: r8a7791: Correct parent of SSI[0-9] clocks (bnc#1012382).
- arm: mvebu: Fix broken PL310_ERRATA_753970 selects (bnc#1012382).
- asoc: rcar: ssi: do not set SSICR.CKDV = 000 with SSIWSR.CONT
(bnc#1012382).
- ath10k: disallow DFS simulation if DFS channel is not enabled
(bnc#1012382).
- ath10k: fix invalid STS_CAP_OFFSET_MASK (bnc#1012382).
- ath10k: update tdls teardown state to target (bnc#1012382).
- ath: Fix updating radar flags for coutry code India (bnc#1012382).
- batman-adv: handle race condition for claims between gateways
(bnc#1012382).
- bcache: do not attach backing with duplicate UUID (bnc#1012382).
- blkcg: fix double free of new_blkg in blkcg_init_queue (bnc#1012382).
- blk-throttle: make sure expire time isn't too big (bnc#1012382).
- block: do not assign cmd_flags in __blk_rq_prep_clone (bsc#1088087).
- block-mq: stop workqueue items in blk_mq_stop_hw_queue() (bsc#1084967).
- bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174 (bnc#1012382).
- bluetooth: hci_qca: Avoid setup failure on missing rampatch
(bnc#1012382).
- bnx2x: Align RX buffers (bnc#1012382).
- bonding: refine bond_fold_stats() wrap detection (bnc#1012382).
- bpf: fix incorrect sign extension in check_alu_op() (bnc#1012382).
- bpf: skip unnecessary capability check (bnc#1012382).
- bpf, x64: implement retpoline for tail call (bnc#1012382).
- bpf, x64: increase number of passes (bnc#1012382).
- braille-console: Fix value returned by _braille_console_setup
(bnc#1012382).
- brcmfmac: fix P2P_DEVICE ethernet address generation (bnc#1012382).
- bridge: check brport attr show in brport_show (bnc#1012382).
- btrfs: alloc_chunk: fix DUP stripe size handling (bnc#1012382).
- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale
device (bnc#1012382).
- btrfs: improve delayed refs iterations (bsc#1076033).
- btrfs: incremental send, fix invalid memory access (git-fixes).
- btrfs: preserve i_mode if __btrfs_set_acl() fails (bnc#1012382).
- btrfs: send, fix file hole not being preserved due to inline extent
(bnc#1012382).
- can: cc770: Fix queue stall & dropped RTR reply (bnc#1012382).
- can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
(bnc#1012382).
- can: cc770: Fix use after free in cc770_tx_interrupt() (bnc#1012382).
- ceph: only dirty ITER_IOVEC pages for direct read (bsc#1084898).
- ch9200: use skb_cow_head() to deal with cloned skbs (bsc#1088684).
- clk: bcm2835: Protect sections updating shared registers (bnc#1012382).
- clk: ns2: Correct SDIO bits (bnc#1012382).
- clk: qcom: msm8916: fix mnd_width for codec_digcodec (bnc#1012382).
- clk: si5351: Rename internal plls to avoid name collisions (bnc#1012382).
- coresight: Fix disabling of CoreSight TPIU (bnc#1012382).
- coresight: Fixes coresight DT parse to get correct output port ID
(bnc#1012382).
- cpufreq: Fix governor module removal race (bnc#1012382).
- cpufreq: s3c24xx: Fix broken s3c_cpufreq_init() (bnc#1012382).
- cpufreq/sh: Replace racy task affinity logic (bnc#1012382).
- cpuidle: Add new macro to enter a retention idle state (bsc#1084328).
- cros_ec: fix nul-termination for firmware build info (bnc#1012382).
- crypto: cavium - fix memory leak on info (bsc#1086518).
- dcache: Add cond_resched in shrink_dentry_list (bsc#1086194).
- dccp: check sk for closed state in dccp_sendmsg() (bnc#1012382).
- dmaengine: imx-sdma: add 1ms delay to ensure SDMA channel is stopped
(bnc#1012382).
- dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63
(bnc#1012382).
- dm: Always copy cmd_flags when cloning a request (bsc#1088087).
- driver: (adm1275) set the m,b and R coefficients correctly for power
(bnc#1012382).
- drm: Allow determining if current task is output poll worker
(bnc#1012382).
- drm/amdgpu/dce: Do not turn off DP sink when disconnected (bnc#1012382).
- drm/amdgpu: Fail fb creation from imported dma-bufs. (v2) (bnc#1012382).
- drm/amdgpu: Fix deadlock on runtime suspend (bnc#1012382).
- drm/amdgpu: fix KV harvesting (bnc#1012382).
- drm/amdgpu: Notify sbios device ready before send request (bnc#1012382).
- drm/amdkfd: Fix memory leaks in kfd topology (bnc#1012382).
- drm: Defer disabling the vblank IRQ until the next interrupt (for
instant-off) (bnc#1012382).
- drm/edid: set ELD connector type in drm_edid_to_eld() (bnc#1012382).
- drm/i915/cmdparser: Do not check past the cmd length (bsc#1031717).
- drm/i915/psr: Check for the specific AUX_FRAME_SYNC cap bit
(bsc#1031717).
- drm/msm: fix leak in failed get_pages (bnc#1012382).
- drm/nouveau: Fix deadlock on runtime suspend (bnc#1012382).
- drm/nouveau/kms: Increase max retries in scanout position queries
(bnc#1012382).
- drm/omap: DMM: Check for DMM readiness after successful transaction
commit (bnc#1012382).
- drm: qxl: Do not alloc fbdev if emulation is not supported (bnc#1012382).
- drm/radeon: Do not turn off DP sink when disconnected (bnc#1012382).
- drm/radeon: Fail fb creation from imported dma-bufs (bnc#1012382).
- drm/radeon: Fix deadlock on runtime suspend (bnc#1012382).
- drm/radeon: fix KV harvesting (bnc#1012382).
- drm: udl: Properly check framebuffer mmap offsets (bnc#1012382).
- drm/vmwgfx: Fix a destoy-while-held mutex problem (bnc#1012382).
- drm/vmwgfx: Fixes to vmwgfx_fb (bnc#1012382).
- e1000e: Avoid missed interrupts following ICR read (bsc#1075428).
- e1000e: Avoid receiver overrun interrupt bursts (bsc#1075428).
- e1000e: Fix check_for_link return value with autoneg off (bsc#1075428).
- e1000e: Fix link check race condition (bsc#1075428).
- e1000e: Fix queue interrupt re-raising in Other interrupt (bsc#1075428).
- e1000e: fix timing for 82579 Gigabit Ethernet controller (bnc#1012382).
- e1000e: Remove Other from EIAC (bsc#1075428).
- edac, sb_edac: Fix out of bound writes during DIMM configuration on KNL
(git-fixes 3286d3eb906c).
- ext4: inplace xattr block update fails to deduplicate blocks
(bnc#1012382).
- f2fs: relax node version check for victim data in gc (bnc#1012382).
- fib_semantics: Do not match route with mismatching tclassid
(bnc#1012382).
- firmware/psci: Expose PSCI conduit (bsc#1068032).
- firmware/psci: Expose SMCCC version through psci_ops (bsc#1068032).
- fixup: sctp: verify size of a new chunk in _sctp_make_chunk()
(bnc#1012382).
- fs/aio: Add explicit RCU grace period when freeing kioctx (bnc#1012382).
- fs/aio: Use RCU accessors for kioctx_table->table[] (bnc#1012382).
- fs/hugetlbfs/inode.c: change put_page/unlock_page order in
hugetlbfs_fallocate() (git-fixes, bsc#1083745).
- fs: Teach path_connected to handle nfs filesystems with multiple roots
(bnc#1012382).
- genirq: Track whether the trigger type has been set (git-fixes).
- genirq: Use irqd_get_trigger_type to compare the trigger type for shared
IRQs (bnc#1012382).
- hdlc_ppp: carrier detect ok, do not turn off negotiation (bnc#1012382).
- hid: clamp input to logical range if no null state (bnc#1012382).
- hid: reject input outside logical range only if null state is set
(bnc#1012382).
- hugetlbfs: fix offset overflow in hugetlbfs mmap (bnc#1084353).
- hv_balloon: fix bugs in num_pages_onlined accounting (fate#323887).
- hv_balloon: fix printk loglevel (fate#323887).
- hv_balloon: simplify hv_online_page()/hv_page_online_one() (fate#323887).
- i2c: i2c-scmi: add a MS HID (bnc#1012382).
- i2c: xlp9xx: Check for Bus state before every transfer (bsc#1084310).
- i2c: xlp9xx: Handle NACK on DATA properly (bsc#1084310).
- i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
(bsc#1060799).
- i2c: xlp9xx: return ENXIO on slave address NACK (bsc#1060799).
- i40e: Acquire NVM lock before reads on all devices (bnc#1012382).
- i40e: avoid NVM acquire deadlock during NVM update (git-fixes).
- ia64: fix module loading for gcc-5.4 (bnc#1012382).
- ib/ipoib: Avoid memory leak if the SA returns a different DGID
(bnc#1012382).
- ib/ipoib: Update broadcast object if PKey value was changed in index 0
(bnc#1012382).
- ib/mlx4: Change vma from shared to private (bnc#1012382).
- ib/mlx4: Take write semaphore when changing the vma struct (bnc#1012382).
- ibmvfc: Avoid unnecessary port relogin (bsc#1085404).
- ibmvnic: Disable irqs before exiting reset from closed state
(bsc#1084610).
- ibmvnic: Do not reset CRQ for Mobility driver resets (bsc#1088600).
- ibmvnic: Fix DMA mapping mistakes (bsc#1088600).
- ibmvnic: Fix failover case for non-redundant configuration (bsc#1088600).
- ibmvnic: Fix reset return from closed state (bsc#1084610).
- ibmvnic: Fix reset scheduler error handling (bsc#1088600).
- ibmvnic: Potential NULL dereference in clean_one_tx_pool() (bsc#1085224,
git-fixes).
- ibmvnic: Remove unused TSO resources in TX pool structure (bsc#1085224).
- ibmvnic: Update TX pool cleaning routine (bsc#1085224).
- ibmvnic: Zero used TX descriptor counter on reset (bsc#1088600).
- ib/umem: Fix use of npages/nmap fields (bnc#1012382).
- ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event()
(bnc#1012382).
- iio: st_pressure: st_accel: Initialise sensor platform data properly
(bnc#1012382).
- iio: st_pressure: st_accel: pass correct platform data to init
(git-fixes).
- ima: relax requiring a file signature for new files with zero length
(bnc#1012382).
- infiniband/uverbs: Fix integer overflows (bnc#1012382).
- input: matrix_keypad - fix race when disabling interrupts (bnc#1012382).
- input: qt1070 - add OF device ID table (bnc#1012382).
- input: tsc2007 - check for presence and power down tsc2007 during probe
(bnc#1012382).
- iommu/omap: Register driver before setting IOMMU ops (bnc#1012382).
- iommu/vt-d: clean up pr_irq if request_threaded_irq fails (bnc#1012382).
- ip6_vti: adjust vti mtu according to mtu of lower device (bnc#1012382).
- ipmi: do not probe ACPI devices if si_tryacpi is unset (bsc#1060799).
- ipmi: Fix the I2C address extraction from SPMI tables (bsc#1060799).
- ipmi_ssif: Fix kernel panic at msg_done_handler (bsc#1088871).
- ipmi_ssif: Fix logic around alert handling (bsc#1060799).
- ipmi_ssif: remove redundant null check on array client->adapter->name
(bsc#1060799).
- ipmi_ssif: unlock on allocation failure (bsc#1060799).
- ipmi:ssif: Use i2c_adapter_id instead of adapter->nr (bsc#1060799).
- ipmi: Use the proper default value for register size in ACPI
(bsc#1060799).
- ipmi/watchdog: fix wdog hang on panic waiting for ipmi response
(bnc#1012382).
- ipv6: fix access to non-linear packet in
ndisc_fill_redirect_hdr_option() (bnc#1012382).
- ipv6 sit: work around bogus gcc-8 -Wrestrict warning (bnc#1012382).
- ipvlan: add L2 check for packets arriving via virtual devices
(bnc#1012382).
- irqchip/gic-v3-its: Add ACPI NUMA node mapping (bsc#1085981).
- irqchip/gic-v3-its: Allow GIC ITS number more than MAX_NUMNODES
(bsc#1085981).
- irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis (bnc#1012382).
- irqchip/gic-v3-its: Remove ACPICA version check for ACPI NUMA
(bsc#1085981).
- kbuild: disable clang's default use of -fmerge-all-constants
(bnc#1012382).
- kbuild: Handle builtin dtb file names containing hyphens (bnc#1012382).
- kprobes/x86: Fix kprobe-booster not to boost far call instructions
(bnc#1012382).
- kprobes/x86: Fix to set RWX bits correctly before releasing trampoline
(git-fixes).
- kprobes/x86: Set kprobes pages read-only (bnc#1012382).
- kvm: arm/arm64: Handle CPU_PM_ENTER_FAILED (bsc#1086499).
- kvm: arm/arm64: vgic: Add missing irq_lock to vgic_mmio_read_pending
(bsc#1086499).
- kvm: arm/arm64: vgic: Do not populate multiple LRs with the same vintid
(bsc#1086499).
- kvm: arm/arm64: vgic-its: Check result of allocation before use (bsc#).
- kvm: arm/arm64: vgic-its: Preserve the revious read from the pending
table (bsc#1086499).
- kvm: arm/arm64: vgic-v3: Tighten synchronization for guests using v2 on
v3 (bsc#1086499).
- kvm: mmu: Fix overlap between public and private memslots (bnc#1012382).
- kvm: nVMX: fix nested tsc scaling (bsc1087999).
- kvm: PPC: Book3S PR: Exit KVM on failed mapping (bnc#1012382).
- kvm/x86: fix icebp instruction handling (bnc#1012382).
- l2tp: do not accept arbitrary sockets (bnc#1012382).
- libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
(bnc#1012382).
- libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs (bnc#1012382).
- libata: disable LPM for Crucial BX100 SSD 500GB drive (bnc#1012382).
- libata: Enable queued TRIM for Samsung SSD 860 (bnc#1012382).
- libata: fix length validation of ATAPI-relayed SCSI commands
(bnc#1012382).
- libata: Make Crucial BX100 500GB LPM quirk apply to all firmware
versions (bnc#1012382).
- libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
(bnc#1012382).
- libata: remove WARN() for DMA or PIO command without data (bnc#1012382).
- lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
(bnc#1012382).
- loop: Fix lost writes caused by missing flag (bnc#1012382).
- lpfc: update version to 11.4.0.7-1 (bsc#1085383).
- mac80211: do not parse encrypted management frames in
ieee80211_frame_acked (bnc#1012382).
- mac80211: do not WARN on bad WMM parameters from buggy APs (bsc#1031717).
- mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
(bnc#1012382).
- mac80211: remove BUG() when interface type is invalid (bnc#1012382).
- md-cluster: fix wrong condition check in raid1_write_request
(bsc#1085402).
- md/raid10: skip spare disk as 'first' disk (bnc#1012382).
- md/raid10: wait up frozen array in handle_write_completed (bnc#1012382).
- md/raid6: Fix anomily when recovering a single device in RAID6
(bnc#1012382).
- media: au0828: fix VIDEO_V4L2 dependency (bsc#1031717).
- media: bt8xx: Fix err 'bt878_probe()' (bnc#1012382).
- media: c8sectpfe: fix potential NULL pointer dereference in
c8sectpfe_timer_interrupt (bnc#1012382).
- media: cpia2: Fix a couple off by one bugs (bnc#1012382).
- media: cx25821: prevent out-of-bounds read on array card (bsc#1031717).
- media/dvb-core: Race condition when writing to CAM (bnc#1012382).
- media: i2c/soc_camera: fix ov6650 sensor getting wrong clock
(bnc#1012382).
- media: m88ds3103: do not call a non-initalized function (bnc#1012382).
- media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart
(bnc#1012382).
- media: s3c-camif: fix out-of-bounds array access (bsc#1031717).
- mfd: palmas: Reset the POWERHOLD mux during power off (bnc#1012382).
- mmc: avoid removing non-removable hosts during suspend (bnc#1012382).
- mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs
(bnc#1012382).
- mmc: dw_mmc: Fix the DTO/CTO timeout overflow calculation for 32-bit
systems (bsc#1088267).
- mmc: sdhci-of-esdhc: limit SD clock for ls1012a/ls1046a (bnc#1012382).
- mm: Fix false-positive VM_BUG_ON() in page_cache_{get,add}_speculative()
(bnc#1012382).
- mm/hugetlb.c: do not call region_abort if region_chg fails (bnc#1084353).
- mm/vmalloc: add interfaces to free unmapped page table (bnc#1012382).
- mpls, nospec: Sanitize array index in mpls_label_ok() (bnc#1012382).
- mt7601u: check return value of alloc_skb (bnc#1012382).
- mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
(bnc#1012382).
- mtd: nand: fsl_ifc: Fix nand waitfunc return value (bnc#1012382).
- mtip32xx: use runtime tag to initialize command header (bnc#1012382).
- net/8021q: create device with all possible features in wanted_features
(bnc#1012382).
- net: ethernet: arc: Fix a potential memory leak if an optional regulator
is deferred (bnc#1012382).
- net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII
PHY interface (bnc#1012382).
- net/faraday: Add missing include of of.h (bnc#1012382).
- net: fec: Fix unbalanced PM runtime calls (bnc#1012382).
- netfilter: add back stackpointer size checks (bnc#1012382).
- netfilter: bridge: ebt_among: add missing match size checks
(bnc#1012382).
- netfilter: IDLETIMER: be syzkaller friendly (bnc#1012382).
- netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt
(bnc#1012382).
- netfilter: nat: cope with negative port range (bnc#1012382).
- netfilter: use skb_to_full_sk in ip_route_me_harder (bnc#1012382).
- netfilter: x_tables: fix missing timer initialization in xt_LED
(bnc#1012382).
- netfilter: xt_CT: fix refcnt leak on error path (bnc#1012382).
- net: Fix hlist corruptions in inet_evict_bucket() (bnc#1012382).
- net: fix race on decreasing number of TX queues (bnc#1012382).
- net: hns: Fix ethtool private flags (bsc#1085511).
- net: ipv4: avoid unused variable warning for sysctl (git-fixes).
- net: ipv4: do not allow setting net.ipv4.route.min_pmtu below 68
(bnc#1012382).
- net: ipv6: send unsolicited NA after DAD (git-fixes).
- net: ipv6: send unsolicited NA on admin up (bnc#1012382).
- net/iucv: Free memory obtained by kzalloc (bnc#1012382).
- netlink: avoid a double skb free in genlmsg_mcast() (bnc#1012382).
- netlink: ensure to loop over all netns in genlmsg_multicast_allns()
(bnc#1012382).
- net: mpls: Pull common label check into helper (bnc#1012382).
- net: Only honor ifindex in IP_PKTINFO if non-0 (bnc#1012382).
- net: systemport: Rewrite __bcm_sysport_tx_reclaim() (bnc#1012382).
- net: xfrm: allow clearing socket xfrm policies (bnc#1012382).
- nfc: nfcmrvl: double free on error path (bnc#1012382).
- nfc: nfcmrvl: Include unaligned.h instead of access_ok.h (bnc#1012382).
- nfsd4: permit layoutget of executable-only files (bnc#1012382).
- nfs: Fix an incorrect type in struct nfs_direct_req (bnc#1012382).
- nospec: Allow index argument to have const-qualified type (bnc#1012382).
- nospec: Include <asm/barrier.h> dependency (bnc#1012382).
- nvme: do not send keep-alive frames during reset (bsc#1084223).
- nvme: do not send keep-alives to the discovery controller (bsc#1086607).
- nvme: expand nvmf_check_if_ready checks (bsc#1085058).
- nvme/rdma: do no start error recovery twice (bsc#1084967).
- nvmet_fc: prevent new io rqsts in possible isr completions (bsc#1083574).
- of: fix of_device_get_modalias returned length when truncating buffers
(bnc#1012382).
- openvswitch: Delete conntrack entry clashing with an expectation
(bnc#1012382).
- Partial revert "e1000e: Avoid receiver overrun interrupt bursts"
(bsc#1075428).
- pci/ACPI: Fix bus range comparison in pci_mcfg_lookup() (bsc#1084699).
- pci: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L
(bnc#1012382).
- pci: Add pci_reset_function_locked() (bsc#1084889).
- pci: Apply Cavium ACS quirk only to CN81xx/CN83xx/CN88xx devices
(bsc#1084914).
- pci: Avoid FLR for Intel 82579 NICs (bsc#1084889).
- pci: Avoid slot reset if bridge itself is broken (bsc#1084918).
- pci: Export pcie_flr() (bsc#1084889).
- pci: hv: Fix 2 hang issues in hv_compose_msi_msg() (fate#323887,
bsc#1087659, bsc#1087906).
- pci: hv: Fix a comment typo in _hv_pcifront_read_config() (fate#323887,
bsc#1087659).
- pci: hv: Only queue new work items in hv_pci_devices_present() if
necessary (fate#323887, bsc#1087659).
- pci: hv: Remove the bogus test in hv_eject_device_work() (fate#323887,
bsc#1087659).
- pci: hv: Serialize the present and eject work items (fate#323887,
bsc#1087659).
- pci: Mark Haswell Power Control Unit as having non-compliant BARs
(bsc#1086015).
- pci/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown() (bnc#1012382).
- pci: Probe for device reset support during enumeration (bsc#1084889).
- pci: Protect pci_error_handlers->reset_notify() usage with device_lock()
(bsc#1084889).
- pci: Protect restore with device lock to be consistent (bsc#1084889).
- pci: Remove __pci_dev_reset() and pci_dev_reset() (bsc#1084889).
- pci: Remove redundant probes for device reset support (bsc#1084889).
- pci: Wait for up to 1000ms after FLR reset (bsc#1084889).
- perf inject: Copy events when reordering events in pipe mode
(bnc#1012382).
- perf probe: Return errno when not hitting any event (bnc#1012382).
- perf session: Do not rely on evlist in pipe mode (bnc#1012382).
- perf sort: Fix segfault with basic block 'cycles' sort dimension
(bnc#1012382).
- perf tests kmod-path: Do not fail if compressed modules are not
supported (bnc#1012382).
- perf tools: Make perf_event__synthesize_mmap_events() scale
(bnc#1012382).
- perf/x86/intel: Do not accidentally clear high bits in
bdw_limit_period() (bnc#1012382).
- perf/x86/intel/uncore: Fix multi-domain PCI CHA enumeration bug on
Skylake servers (bsc#1086357).
- pinctrl: Really force states during suspend/resume (bnc#1012382).
- platform/chrome: Use proper protocol transfer function (bnc#1012382).
- platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA (bnc#1012382).
- power: supply: pda_power: move from timer to delayed_work (bnc#1012382).
- ppp: prevent unregistered channels from connecting to PPP units
(bnc#1012382).
- pty: cancel pty slave port buf's work in tty_release (bnc#1012382).
- pwm: tegra: Increase precision in PWM rate calculation (bnc#1012382).
- qed: Free RoCE ILT Memory on rmmod qedr (bsc#1019695 FATE#321703
bsc#1019699 FATE#321702 bsc#1022604 FATE#321747).
- qed: Use after free in qed_rdma_free() (bsc#1019695 FATE#321703
bsc#1019699 FATE#321702 bsc#1022604 FATE#321747).
- qeth: repair SBAL elements calculation (bnc#1085507, LTC#165484).
- qlcnic: fix unchecked return value (bnc#1012382).
- rcutorture/configinit: Fix build directory error message (bnc#1012382).
- rdma/cma: Use correct size when writing netlink stats (bnc#1012382).
- rdma/core: Do not use invalid destination in determining port reuse
(FATE#321231 FATE#321473 FATE#322153 FATE#322149).
- rdma/iwpm: Fix uninitialized error code in iwpm_send_mapinfo()
(bnc#1012382).
- rdma/mlx5: Fix integer overflow while resizing CQ (bnc#1012382).
- rdma/ocrdma: Fix permissions for OCRDMA_RESET_STATS (bnc#1012382).
- rdma/ucma: Check that user does not overflow QP state (bnc#1012382).
- rdma/ucma: Fix access to non-initialized CM_ID object (bnc#1012382).
- rdma/ucma: Limit possible option size (bnc#1012382).
- regmap: Do not use format_val in regmap_bulk_read (bsc#1031717).
- regmap: Fix reversed bounds check in regmap_raw_write() (bsc#1031717).
- regmap: Format data for raw write in regmap_bulk_write (bsc#1031717).
- regmap-i2c: Off by one in regmap_i2c_smbus_i2c_read/write()
(bsc#1031717).
- regulator: anatop: set default voltage selector for pcie (bnc#1012382).
- reiserfs: Make cancel_old_flush() reliable (bnc#1012382).
- Revert "ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux" (bnc#1012382).
- Revert "e1000e: Separate signaling for link check/link up" (bsc#1075428).
- Revert "genirq: Use irqd_get_trigger_type to compare the trigger type
for shared IRQs" (bnc#1012382).
- Revert "ipvlan: add L2 check for packets arriving via virtual devices"
(reverted in upstream).
- Revert "led: core: Fix brightness setting when setting delay_off=0"
(bnc#1012382).
- rndis_wlan: add return value validation (bnc#1012382).
- rtc: cmos: Do not assume irq 8 for rtc when there are no legacy irqs
(bnc#1012382).
- rtlwifi: rtl8723be: Fix loss of signal (bnc#1012382).
- rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled (bnc#1012382).
- s390/mm: fix local TLB flushing vs. detach of an mm address space
(bnc#1088324, LTC#166470).
- s390/mm: fix race on mm->context.flush_mm (bnc#1088324, LTC#166470).
- s390/mm: no local TLB flush for clearing-by-ASCE IDTE (bnc#1088324,
LTC#166470).
- s390/qeth: apply takeover changes when mode is toggled (bnc#1085507,
LTC#165490).
- s390/qeth: do not apply takeover changes to RXIP (bnc#1085507,
LTC#165490).
- s390/qeth: fix double-free on IP add/remove race (bnc#1085507,
LTC#165491).
- s390/qeth: fix IPA command submission race (bnc#1012382).
- s390/qeth: fix IP address lookup for L3 devices (bnc#1085507,
LTC#165491).
- s390/qeth: fix IP removal on offline cards (bnc#1085507, LTC#165491).
- s390/qeth: fix SETIP command handling (bnc#1012382).
- s390/qeth: free netdevice when removing a card (bnc#1012382).
- s390/qeth: improve error reporting on IP add/removal (bnc#1085507,
LTC#165491).
- s390/qeth: lock IP table while applying takeover changes (bnc#1085507,
LTC#165490).
- s390/qeth: lock read device while queueing next buffer (bnc#1012382).
- s390/qeth: on channel error, reject further cmd requests (bnc#1012382).
- s390/qeth: update takeover IPs after configuration change (bnc#1085507,
LTC#165490).
- s390/qeth: when thread completes, wake up all waiters (bnc#1012382).
- sched: act_csum: do not mangle TCP and UDP GSO packets (bnc#1012382).
- sched: Stop resched_cpu() from sending IPIs to offline CPUs
(bnc#1012382).
- sched: Stop switched_to_rt() from sending IPIs to offline CPUs
(bnc#1012382).
- scsi: core: scsi_get_device_flags_keyed(): Always return device flags
(bnc#1012382).
- scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
(bnc#1012382).
- scsi: dh: add new rdac devices (bnc#1012382).
- scsi: lpfc: Add missing unlock in WQ full logic (bsc#1085383).
- scsi: lpfc: Code cleanup for 128byte wqe data type (bsc#1085383).
- scsi: lpfc: Fix mailbox wait for POST_SGL mbox command (bsc#1085383).
- scsi: lpfc: Fix NVME Initiator FirstBurst (bsc#1085383).
- scsi: lpfc: Fix SCSI lun discovery when port configured for both SCSI
and NVME (bsc#1085383).
- scsi: lpfc: Memory allocation error during driver start-up on power8
(bsc#1085383).
- scsi: mac_esp: Replace bogus memory barrier with spinlock (bnc#1012382).
- scsi: sg: check for valid direction before starting the request
(bnc#1012382).
- scsi: sg: fix SG_DXFER_FROM_DEV transfers (bnc#1012382).
- scsi: sg: fix static checker warning in sg_is_valid_dxfer (bnc#1012382).
- scsi: sg: only check for dxfer_len greater than 256M (bnc#1012382
bsc#1064206).
- scsi: virtio_scsi: always read VPD pages for multiqueue too (git-fixes).
- scsi: virtio_scsi: Always try to read VPD pages (bnc#1012382).
- sctp: fix dst refcnt leak in sctp_v4_get_dst (bnc#1012382).
- sctp: fix dst refcnt leak in sctp_v6_get_dst() (bnc#1012382).
- sctp: verify size of a new chunk in _sctp_make_chunk() (bnc#1012382).
- selftests/x86: Add tests for the STR and SLDT instructions (bnc#1012382).
- selftests/x86: Add tests for User-Mode Instruction Prevention
(bnc#1012382).
- selftests/x86/entry_from_vm86: Add test cases for POPF (bnc#1012382).
- selftests/x86/entry_from_vm86: Exit with 1 if we fail (bnc#1012382).
- selinux: check for address length in selinux_socket_bind() (bnc#1012382).
- serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
(bnc#1012382).
- serial: sh-sci: prevent lockup on full TTY buffers (bnc#1012382).
- skbuff: Fix not waking applications when errors are enqueued
(bnc#1012382).
- sm501fb: do not return zero on failure path in sm501fb_start()
(bnc#1012382).
- solo6x10: release vb2 buffers in solo_stop_streaming() (bnc#1012382).
- spi: dw: Disable clock after unregistering the host (bnc#1012382).
- spi: omap2-mcspi: poll OMAP2_MCSPI_CHSTAT_RXS for PIO transfer
(bnc#1012382).
- spi: sun6i: disable/unprepare clocks on remove (bnc#1012382).
- staging: android: ashmem: Fix lockdep issue during llseek (bnc#1012382).
- staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
(bnc#1012382).
- staging: comedi: fix comedi_nsamples_left (bnc#1012382).
- staging: lustre: ptlrpc: kfree used instead of kvfree (bnc#1012382).
- staging: ncpfs: memory corruption in ncp_read_kernel() (bnc#1012382).
- staging: speakup: Replace BUG_ON() with WARN_ON() (bnc#1012382).
- staging: unisys: visorhba: fix s-Par to boot with option
CONFIG_VMAP_STACK set to y (bnc#1012382).
- staging: wilc1000: add check for kmalloc allocation failure
(bnc#1012382).
- staging: wilc1000: fix unchecked return value (bnc#1012382).
- sysrq: Reset the watchdog timers while displaying high-resolution timers
(bnc#1012382).
- target: prefer dbroot of /etc/target over /var/target (bsc#1087274).
- tcm_fileio: Prevent information leak for short reads (bnc#1012382).
- tcp: remove poll() flakes with FastOpen (bnc#1012382).
- tcp: sysctl: Fix a race to avoid unexpected 0 window from space
(bnc#1012382).
- team: Fix double free in error path (bnc#1012382).
- test_firmware: fix setting old custom fw path back on exit (bnc#1012382).
- time: Change posix clocks ops interfaces to use timespec64 (bnc#1012382).
- timers, sched_clock: Update timeout for clock wrap (bnc#1012382).
- tools/usbip: fixes build with musl libc toolchain (bnc#1012382).
- tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches
on the bus (bnc#1012382).
- tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on
the bus (bnc#1012382).
- tpm: st33zp24: fix potential buffer overruns caused by bit glitches on
the bus (bnc#1012382).
- tpm/tpm_crb: Use start method value from ACPI table directly
(bsc#1084452).
- tracing: probeevent: Fix to support minus offset from symbol
(bnc#1012382).
- tty/serial: atmel: add new version check for usart (bnc#1012382).
- tty: vt: fix up tabstops properly (bnc#1012382).
- uas: fix comparison for error code (bnc#1012382).
- ubi: Fix race condition between ubi volume creation and udev
(bnc#1012382).
- udplite: fix partial checksum initialization (bnc#1012382).
- usb: Do not print a warning if interface driver rebind is deferred at
resume (bsc#1087211).
- usb: dwc2: Make sure we disconnect the gadget state (bnc#1012382).
- usb: gadget: bdc: 64-bit pointer capability check (bnc#1012382).
- usb: gadget: dummy_hcd: Fix wrong power status bit clear/reset in
dummy_hub_control() (bnc#1012382).
- usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb() (bnc#1012382).
- usb: gadget: udc: Add missing platform_device_put() on error in
bdc_pci_probe() (bnc#1012382).
- usb: quirks: add control message delay for 1b1c:1b20 (bnc#1012382).
- usb: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
(bnc#1012382).
- usb: usbmon: Read text within supplied buffer size (bnc#1012382).
- usb: usbmon: remove assignment from IS_ERR argument (bnc#1012382).
- veth: set peer GSO values (bnc#1012382).
- vgacon: Set VGA struct resource types (bnc#1012382).
- video: ARM CLCD: fix dma allocation size (bnc#1012382).
- video: fbdev: udlfb: Fix buffer on stack (bnc#1012382).
- video/hdmi: Allow "empty" HDMI infoframes (bnc#1012382).
- vxlan: vxlan dev should inherit lowerdev's gso_max_size (bnc#1012382).
- wan: pc300too: abort path on failure (bnc#1012382).
- watchdog: hpwdt: Check source of NMI (bnc#1012382).
- watchdog: hpwdt: fix unused variable warning (bnc#1012382).
- watchdog: hpwdt: SMBIOS check (bnc#1012382).
- watchdog: sbsa: use 32-bit read for WCV (bsc#1085679).
- wil6210: fix memory access violation in wil_memcpy_from/toio_32
(bnc#1012382).
- workqueue: Allow retrieval of current task's work struct (bnc#1012382).
- x86/apic/vector: Handle legacy irq data correctly (bnc#1012382).
- x86/boot/64: Verify alignment of the LOAD segment (bnc#1012382).
- x86/build/64: Force the linker to use 2MB page size (bnc#1012382).
- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
- x86: i8259: export legacy_pic symbol (bnc#1012382).
- x86/kaiser: Duplicate cpu_tss for an entry trampoline usage (bsc#1077560
bsc#1083836).
- x86/kaiser: enforce trampoline stack alignment (bsc#1087260).
- x86/kaiser: Remove a user mapping of cpu_tss structure (bsc#1077560
bsc#1083836).
- x86/kaiser: Use a per-CPU trampoline stack for kernel entry
(bsc#1077560).
- x86/MCE: Serialize sysfs changes (bnc#1012382).
- x86/mm: Fix vmalloc_fault to use pXd_large (bnc#1012382).
- x86/mm: implement free pmd/pte page interfaces (bnc#1012382).
- x86/module: Detect and skip invalid relocations (bnc#1012382).
- x86/speculation: Remove Skylake C2 from Speculation Control microcode
blacklist (bsc#1087845).
- x86: Treat R_X86_64_PLT32 as R_X86_64_PC32 (bnc#1012382).
- x86/vm86/32: Fix POPF emulation (bnc#1012382).
- xen-blkfront: fix mq start/stop race (bsc#1085042).
- xen-netback: use skb to determine number of required guest Rx requests
(bsc#1046610).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP3:
zypper in -t patch SUSE-SLE-WE-12-SP3-2018-718=1
- SUSE Linux Enterprise Software Development Kit 12-SP3:
zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-718=1
- SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-718=1
- SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-718=1
- SUSE Linux Enterprise High Availability 12-SP3:
zypper in -t patch SUSE-SLE-HA-12-SP3-2018-718=1
- SUSE Linux Enterprise Desktop 12-SP3:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-718=1
- SUSE CaaS Platform ALL:
To install this update, use the SUSE CaaS Platform Velum dashboard.
It will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):
kernel-default-debuginfo-4.4.126-94.22.1
kernel-default-debugsource-4.4.126-94.22.1
kernel-default-extra-4.4.126-94.22.1
kernel-default-extra-debuginfo-4.4.126-94.22.1
- SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-4.4.126-94.22.1
kernel-obs-build-debugsource-4.4.126-94.22.1
- SUSE Linux Enterprise Software Development Kit 12-SP3 (noarch):
kernel-docs-4.4.126-94.22.1
- SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-4.4.126-94.22.1
kernel-default-base-4.4.126-94.22.1
kernel-default-base-debuginfo-4.4.126-94.22.1
kernel-default-debuginfo-4.4.126-94.22.1
kernel-default-debugsource-4.4.126-94.22.1
kernel-default-devel-4.4.126-94.22.1
kernel-syms-4.4.126-94.22.1
- SUSE Linux Enterprise Server 12-SP3 (noarch):
kernel-devel-4.4.126-94.22.2
kernel-macros-4.4.126-94.22.2
kernel-source-4.4.126-94.22.2
- SUSE Linux Enterprise Server 12-SP3 (s390x):
kernel-default-man-4.4.126-94.22.1
- SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_126-94_22-default-1-4.5.1
kgraft-patch-4_4_126-94_22-default-debuginfo-1-4.5.1
- SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64):
cluster-md-kmp-default-4.4.126-94.22.1
cluster-md-kmp-default-debuginfo-4.4.126-94.22.1
dlm-kmp-default-4.4.126-94.22.1
dlm-kmp-default-debuginfo-4.4.126-94.22.1
gfs2-kmp-default-4.4.126-94.22.1
gfs2-kmp-default-debuginfo-4.4.126-94.22.1
kernel-default-debuginfo-4.4.126-94.22.1
kernel-default-debugsource-4.4.126-94.22.1
ocfs2-kmp-default-4.4.126-94.22.1
ocfs2-kmp-default-debuginfo-4.4.126-94.22.1
- SUSE Linux Enterprise Desktop 12-SP3 (x86_64):
kernel-default-4.4.126-94.22.1
kernel-default-debuginfo-4.4.126-94.22.1
kernel-default-debugsource-4.4.126-94.22.1
kernel-default-devel-4.4.126-94.22.1
kernel-default-extra-4.4.126-94.22.1
kernel-default-extra-debuginfo-4.4.126-94.22.1
kernel-syms-4.4.126-94.22.1
- SUSE Linux Enterprise Desktop 12-SP3 (noarch):
kernel-devel-4.4.126-94.22.2
kernel-macros-4.4.126-94.22.2
kernel-source-4.4.126-94.22.2
- SUSE CaaS Platform ALL (x86_64):
kernel-default-4.4.126-94.22.1
kernel-default-debuginfo-4.4.126-94.22.1
kernel-default-debugsource-4.4.126-94.22.1
References:
https://www.suse.com/security/cve/CVE-2017-18257.html
https://www.suse.com/security/cve/CVE-2018-1091.html
https://www.suse.com/security/cve/CVE-2018-7740.html
https://www.suse.com/security/cve/CVE-2018-8043.html
https://www.suse.com/security/cve/CVE-2018-8822.html
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1019695
https://bugzilla.suse.com/1019699
https://bugzilla.suse.com/1022604
https://bugzilla.suse.com/1031717
https://bugzilla.suse.com/1046610
https://bugzilla.suse.com/1060799
https://bugzilla.suse.com/1064206
https://bugzilla.suse.com/1068032
https://bugzilla.suse.com/1073059
https://bugzilla.suse.com/1073069
https://bugzilla.suse.com/1075428
https://bugzilla.suse.com/1076033
https://bugzilla.suse.com/1077560
https://bugzilla.suse.com/1083574
https://bugzilla.suse.com/1083745
https://bugzilla.suse.com/1083836
https://bugzilla.suse.com/1084223
https://bugzilla.suse.com/1084310
https://bugzilla.suse.com/1084328
https://bugzilla.suse.com/1084353
https://bugzilla.suse.com/1084452
https://bugzilla.suse.com/1084610
https://bugzilla.suse.com/1084699
https://bugzilla.suse.com/1084829
https://bugzilla.suse.com/1084889
https://bugzilla.suse.com/1084898
https://bugzilla.suse.com/1084914
https://bugzilla.suse.com/1084918
https://bugzilla.suse.com/1084967
https://bugzilla.suse.com/1085042
https://bugzilla.suse.com/1085058
https://bugzilla.suse.com/1085224
https://bugzilla.suse.com/1085383
https://bugzilla.suse.com/1085402
https://bugzilla.suse.com/1085404
https://bugzilla.suse.com/1085487
https://bugzilla.suse.com/1085507
https://bugzilla.suse.com/1085511
https://bugzilla.suse.com/1085679
https://bugzilla.suse.com/1085981
https://bugzilla.suse.com/1086015
https://bugzilla.suse.com/1086162
https://bugzilla.suse.com/1086194
https://bugzilla.suse.com/1086357
https://bugzilla.suse.com/1086499
https://bugzilla.suse.com/1086518
https://bugzilla.suse.com/1086607
https://bugzilla.suse.com/1087088
https://bugzilla.suse.com/1087211
https://bugzilla.suse.com/1087231
https://bugzilla.suse.com/1087260
https://bugzilla.suse.com/1087274
https://bugzilla.suse.com/1087659
https://bugzilla.suse.com/1087845
https://bugzilla.suse.com/1087906
https://bugzilla.suse.com/1087999
https://bugzilla.suse.com/1088050
https://bugzilla.suse.com/1088087
https://bugzilla.suse.com/1088241
https://bugzilla.suse.com/1088267
https://bugzilla.suse.com/1088313
https://bugzilla.suse.com/1088324
https://bugzilla.suse.com/1088600
https://bugzilla.suse.com/1088684
https://bugzilla.suse.com/1088871
https://bugzilla.suse.com/802154
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2018:1047-1: important: Security update for PackageKit
by opensuse-security@opensuse.org 23 Apr '18
by opensuse-security@opensuse.org 23 Apr '18
23 Apr '18
SUSE Security Update: Security update for PackageKit
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1047-1
Rating: important
References: #1086936
Cross-References: CVE-2018-1106
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Desktop 12-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
- CVE-2018-1106: Drop the polkit rule which could allow users in wheel
group to install packages without root password (bsc#1086936).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP3:
zypper in -t patch SUSE-SLE-WE-12-SP3-2018-719=1
- SUSE Linux Enterprise Software Development Kit 12-SP3:
zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-719=1
- SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-719=1
- SUSE Linux Enterprise Desktop 12-SP3:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-719=1
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):
PackageKit-debuginfo-1.1.3-24.6.1
PackageKit-debugsource-1.1.3-24.6.1
PackageKit-gstreamer-plugin-1.1.3-24.6.1
PackageKit-gstreamer-plugin-debuginfo-1.1.3-24.6.1
PackageKit-gtk3-module-1.1.3-24.6.1
PackageKit-gtk3-module-debuginfo-1.1.3-24.6.1
- SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):
PackageKit-debuginfo-1.1.3-24.6.1
PackageKit-debugsource-1.1.3-24.6.1
PackageKit-devel-1.1.3-24.6.1
PackageKit-devel-debuginfo-1.1.3-24.6.1
libpackagekit-glib2-devel-1.1.3-24.6.1
- SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
PackageKit-1.1.3-24.6.1
PackageKit-backend-zypp-1.1.3-24.6.1
PackageKit-backend-zypp-debuginfo-1.1.3-24.6.1
PackageKit-debuginfo-1.1.3-24.6.1
PackageKit-debugsource-1.1.3-24.6.1
libpackagekit-glib2-18-1.1.3-24.6.1
libpackagekit-glib2-18-debuginfo-1.1.3-24.6.1
typelib-1_0-PackageKitGlib-1_0-1.1.3-24.6.1
- SUSE Linux Enterprise Server 12-SP3 (noarch):
PackageKit-lang-1.1.3-24.6.1
- SUSE Linux Enterprise Desktop 12-SP3 (noarch):
PackageKit-lang-1.1.3-24.6.1
- SUSE Linux Enterprise Desktop 12-SP3 (x86_64):
PackageKit-1.1.3-24.6.1
PackageKit-backend-zypp-1.1.3-24.6.1
PackageKit-backend-zypp-debuginfo-1.1.3-24.6.1
PackageKit-debuginfo-1.1.3-24.6.1
PackageKit-debugsource-1.1.3-24.6.1
PackageKit-gstreamer-plugin-1.1.3-24.6.1
PackageKit-gstreamer-plugin-debuginfo-1.1.3-24.6.1
PackageKit-gtk3-module-1.1.3-24.6.1
PackageKit-gtk3-module-debuginfo-1.1.3-24.6.1
libpackagekit-glib2-18-1.1.3-24.6.1
libpackagekit-glib2-18-debuginfo-1.1.3-24.6.1
typelib-1_0-PackageKitGlib-1_0-1.1.3-24.6.1
References:
https://www.suse.com/security/cve/CVE-2018-1106.html
https://bugzilla.suse.com/1086936
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0