-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: kernel Announcement ID: SUSE-SA:2006:079 Date: Thu, 21 Dec 2006 14:00:00 +0000 Affected Products: Novell Linux Desktop 9 Novell Linux POS 9 Open Enterprise Server SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SUSE SLED 10 SUSE SLES 10 SUSE SLES 9 Vulnerability Type: remote denial of service local denial of service local privilege escalation Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2006-3741, CVE-2006-4145, CVE-2006-4538 CVE-2006-4572, CVE-2006-4623, CVE-2006-4813 CVE-2006-4997, CVE-2006-5173, CVE-2006-5174 CVE-2006-5619, CVE-2006-5648, CVE-2006-5649 CVE-2006-5751, CVE-2006-5757, CVE-2006-5823 CVE-2006-6053, CVE-2006-6054, CVE-2006-6056 CVE-2006-6060 Content of This Advisory: 1) Security Vulnerability Resolved: various kernel security problems Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The Linux 2.6 kernel has been updated to fix various security issues. On SUSE Linux Enterprise Server 9 and SUSE Linux Enterprise 10 and their derived products this update also contains various bugfixes. - CVE-2006-4145: A bug within the UDF filesystem that caused machine hangs when truncating files on the filesystem was fixed. - CVE-2006-4623: A problem in DVB packet handling could be used to crash the machine when receiving DVB net packages is active. - CVE-2006-3741: A struct file leak was fixed in the perfmon(2) system call on the Itanium architecture. - CVE-2006-4538: A malformed ELF image can be used on the Itanium architecture to trigger a kernel crash (denial of service) when a local attacker can supply it to be started. - CVE-2006-4997: A problem in the ATM protocol handling clip_mkip function could be used by remote attackers to potentially crash the machine. - CVE-2006-5757/ CVE-2006-6060: A problem in the grow_buffers function could be used to crash or hang the machine using a corrupted filesystem. This affects filesystem types ISO9660 and NTFS. - CVE-2006-5173: On the i386 architecture the EFLAGS content was not correctly saved, which could be used by local attackers to crash other programs using the AC and NT flag or to escalate privileges by waiting for iopl privileges to be leaked. - CVE-2006-5174: On the S/390 architecture copy_from_user() could be used by local attackers to read kernel memory. - CVE-2006-5619: A problem in IPv6 flow label handling can be used by local attackers to hang the machine. - CVE-2006-5648: On the PowerPC architecture a syscall has been wired without the proper futex implementation that can be exploited by a local attacker to hang the machine. - CVE-2006-5649: On the PowerPC architecture the proper futex implementation was missing a fix for alignment check which could be used by a local attacker to crash the machine. - CVE-2006-5823: A problem in cramfs could be used to crash the machine during mounting a crafted cramfs image. This requires an attacker to supply such a crafted image and have a user mount it. - CVE-2006-6053: A problem in the ext3 filesystem could be used by attackers able to supply a crafted ext3 image to cause a denial of service or further data corruption if a user mounts this image. - CVE-2006-6054: A problem in the ext2 filesystem could be used by attackers supplying crafted ext2 images to users could crash the machine during mount. - CVE-2006-6056: Missing return code checking in the HFS could be used to crash machine when a user complicit attacker is able to supply a specially crafted HFS image. - CVE-2006-4572: Multiple unspecified vulnerabilities in netfilter for IPv6 code allow remote attackers to bypass intended restrictions via fragmentation attack vectors, aka (1) "ip6_tables protocol bypass bug" and (2) "ip6_tables extension header bypass bug". - CVE-2006-5751: An integer overflow in the networking bridge ioctl starting with Kernel 2.6.7 could be used by local attackers to overflow kernel memory buffers and potentially escalate privileges. - CVE-2006-4813: A information leak in __block_prepare_write was fixed, which could disclose private information of previously unlinked files. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Reboot the machine after installing this update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-bigsmp-2.6.16.27-0.6.i586.rpm 20362ce00889e9eac688faa59ad0f301 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-debug-2.6.16.27-0.6.i586.rpm eb33b9f8581bc89d3a4a3feecf197ef5 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-default-2.6.16.27-0.6.i586.rpm 1879d07a3b908ff8b87c507860070118 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-kdump-2.6.16.27-0.6.i586.rpm 04f60041ee278134b38e7fd9e56ef102 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-smp-2.6.16.27-0.6.i586.rpm bc1d9c70715b5dd3495558f175abd1bf ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-source-2.6.16.27-0.6.i586.rpm 720a9e6cbf2f3594a718db1d74b0e901 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-syms-2.6.16.27-0.6.i586.rpm fca30f1add27cb21d32eac318279f3f9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-um-2.6.16.27-0.6.i586.rpm 1af0a0a78a6cf463b04f77b52e63b57c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-xen-2.6.16.27-0.6.i586.rpm 2f0499125c0aa167a2391e654c5b043b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-xenpae-2.6.16.27-0.6.i586.rpm 3865d785615cf7dbbe7cae8dc5c2445e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kexec-tools-1.101-32.20.i586.rpm c6a2bbd256a70b7cd2e4bb25f04b2771 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mkinitrd-1.2-106.25.i586.rpm 9a26035aa882c88c7dbda60bed64e729 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/multipath-tools-0.4.6-25.14.i586.rpm a4405ddbca3a81a15811a385760d135b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/open-iscsi-0.5.545-9.16.i586.rpm 738e1ad997da16145fa6392dff59dbd2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/udev-085-30.16.i586.rpm e5ca4700bcbce7f4e247a04552554c52 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/Intel-536ep-4.69-14.8.i586.rpm 779716bea2ce468f73b5e7be2c36cf97 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-bigsmp-2.6.13-15.13.i586.rpm b95098cd1879df7c3a0bdcbe1e206e64 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-bigsmp-nongpl-2.6.13-15.13.i586.rpm 70cf8aaeca7af078edc0907d934cf16a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-default-2.6.13-15.13.i586.rpm c0aee85951759f60f10031034a0710ea ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-default-nongpl-2.6.13-15.13.i586.rpm 5081580d742671f6a1c1654e682b0b3c ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-smp-2.6.13-15.13.i586.rpm fcd605a287b8ab5af504f50f7a5cd04d ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-smp-nongpl-2.6.13-15.13.i586.rpm 5ccb28594c3bbfd3f0d55057321f0dd3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-source-2.6.13-15.13.i586.rpm 9e59562a1131efca6852d4679256236a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-syms-2.6.13-15.13.i586.rpm 3fad95aae4eeba413f61304941171628 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-um-2.6.13-15.13.i586.rpm 05622beea615d8b312b4953b61b90021 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-um-nongpl-2.6.13-15.13.i586.rpm 2a59f92c159da861adcb5f7e278a3e02 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-xen-2.6.13-15.13.i586.rpm e630316df432d5523b00edd66a7cfcd6 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-xen-nongpl-2.6.13-15.13.i586.rpm 0894832e10d0b58235d2578e67cc928c ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/um-host-kernel-2.6.13-15.13.i586.rpm be464dab1cbc94dbb67ee7f84f8c9aa9 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/Intel-536ep-4.69-10.9.i586.rpm 1d3ad978025b9d97bb7a90db61356da8 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-bigsmp-2.6.11.4-21.15.i586.rpm f225c96f36550606ea68f4ac3bfe74dc ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-bigsmp-nongpl-2.6.11.4-21.15.i586.rpm f35b5c66a2ba4437eec2b8b810eb5c6b ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-default-2.6.11.4-21.15.i586.rpm f444923fb3756410f2830dfa19b9774d ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-default-nongpl-2.6.11.4-21.15.i586.rpm 2e07056e10890ffbd50c59abb40befe1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-smp-2.6.11.4-21.15.i586.rpm 096868f28a76e95f1ebc9338b110a5f0 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-smp-nongpl-2.6.11.4-21.15.i586.rpm a84bf62f441f32f09884c07693c5aa18 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-source-2.6.11.4-21.15.i586.rpm 3544a5b183926981b591f89626033781 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-syms-2.6.11.4-21.15.i586.rpm d46db3e4da45262de1bf61c5b9e6a9a3 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-um-2.6.11.4-21.15.i586.rpm f7d32fd8d0d38f0b9ac1f0cf98ab1a1c ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-um-nongpl-2.6.11.4-21.15.i586.rpm a862ec208be9e31dcff7dbf7c540d5a4 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-xen-2.6.11.4-21.15.i586.rpm 5323a6c912bf2ea3aecfe01f1f25029f ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-xen-nongpl-2.6.11.4-21.15.i586.rpm f6ec0b9626fed9f54919415fa5d262a5 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ltmodem-8.31a10-7.9.i586.rpm 116853b601518db7e3f081a38cd7e448 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/um-host-install-initrd-1.0-50.9.i586.rpm 4c566b558056292cbc8730c6a8275e19 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/um-host-kernel-2.6.11.4-21.15.i586.rpm 8082e95baeadd7527787d7ef960fea3b Platform Independent: SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/noarch/kernel-docs-2.6.11.4-21.15.noarch.rpm b010aa9454cc8b1631fc271148bfc99e Power PC Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-default-2.6.16.27-0.6.ppc.rpm f7cf4448592556658428a4d6c1f80a26 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-iseries64-2.6.16.27-0.6.ppc.rpm 00d04e7cfbc9b27dc5dca9dcd9c715d2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-kdump-2.6.16.27-0.6.ppc.rpm 98faf70272be4b6abd887f4d04fc6284 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-ppc64-2.6.16.27-0.6.ppc.rpm 1411437f7005f90d7083d8fb5cad99ce ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-source-2.6.16.27-0.6.ppc.rpm edbbb370525bfb9caefe22c563b73b7a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-syms-2.6.16.27-0.6.ppc.rpm d15067647e646c65245934dc21cf6d13 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mkinitrd-1.2-106.25.ppc.rpm 5b244ec190ab5e8432d04b286fd595c3 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/multipath-tools-0.4.6-25.14.ppc.rpm 2592ff0cebfee11a54163a86354e9c40 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/open-iscsi-0.5.545-9.16.ppc.rpm 5c6faf58161ef7607c29eafb995698d9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/udev-085-30.16.ppc.rpm 40b7b338af66872ba3ab5cf4b2f0e792 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-default-2.6.13-15.13.ppc.rpm 3f99986f3194d8a6b1dcfa9bc737387a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-iseries64-2.6.13-15.13.ppc.rpm 44273fe733fb0f6227fddcc3d93bf723 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-ppc64-2.6.13-15.13.ppc.rpm 880f61aa27d2cf85f687b63536f9b76a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-source-2.6.13-15.13.ppc.rpm 78995147e37e08ce50e06d9f4b6bdd43 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-syms-2.6.13-15.13.ppc.rpm b38cf17b95ffefe1177c5e50b0fb7f5f x86-64 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-debug-2.6.16.27-0.6.x86_64.rpm 36d4798029d37d58e04d4e088c857d05 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-default-2.6.16.27-0.6.x86_64.rpm 8f8d92d0d3bd28abab96593619f7e110 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-kdump-2.6.16.27-0.6.x86_64.rpm 422a4e7a8330bbefc616acf90cde155c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-smp-2.6.16.27-0.6.x86_64.rpm b49a2612377a09dcda55bfc7b077559b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-source-2.6.16.27-0.6.x86_64.rpm 0da3b45f9e5c7f679fbb5633baaf0370 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-syms-2.6.16.27-0.6.x86_64.rpm 78de774b4943c716f071e15843c061b7 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-xen-2.6.16.27-0.6.x86_64.rpm 3d68e95abd041b2131118b1cff963703 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kexec-tools-1.101-32.20.x86_64.rpm 50b692b9662c0308cd3fb83573a1d10c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mkinitrd-1.2-106.25.x86_64.rpm f48e546e789c3590e617484c38cab9ac ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/multipath-tools-0.4.6-25.14.x86_64.rpm 9cf969cf4bb76b77ae13ebc287908cc9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/open-iscsi-0.5.545-9.16.x86_64.rpm 42c6343b258e4363ccb510f429555857 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/udev-085-30.16.x86_64.rpm c28d409a7cb6edbc077e0edd5fccf91a SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default-2.6.13-15.13.x86_64.rpm 194e64a59862dcebba2b7e58818747b4 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default-nongpl-2.6.13-15.13.x86_64.rpm 3fa5ca85656cb037a72a1d1855d38d7f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-smp-2.6.13-15.13.x86_64.rpm ddb5c45b75d967a52ee39dbd71ffc52e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-smp-nongpl-2.6.13-15.13.x86_64.rpm ca21f69550373f05fbff08b2c4505203 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-source-2.6.13-15.13.x86_64.rpm a1143a950fe7f50f5664f7a009a0b796 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-syms-2.6.13-15.13.x86_64.rpm b6bf0d933792855235b6fe848328f05b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-xen-2.6.13-15.13.x86_64.rpm be16a4f55e8e5b69f9677ed9ebee29e9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-xen-nongpl-2.6.13-15.13.x86_64.rpm 0466ac6e4d01edaf3cd702859e4d0f0e SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-default-2.6.11.4-21.15.x86_64.rpm e3ccbf0a746cbc8f91a53864c7cc44f4 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-default-nongpl-2.6.11.4-21.15.x86_64.rpm df750c05231346c502f54c23a60c67e2 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-smp-2.6.11.4-21.15.x86_64.rpm 09e22d0a4b0826687ce68ba535b53d40 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-smp-nongpl-2.6.11.4-21.15.x86_64.rpm 7163a5cc8545db178688d3d23817c375 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-source-2.6.11.4-21.15.x86_64.rpm 6457587a33198b4fcd04b3ed2c99b589 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-syms-2.6.11.4-21.15.x86_64.rpm 23a663cd7658a95e02b8fd46b8b3e810 Sources: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-bigsmp-2.6.16.27-0.6.nosrc.rpm b35b46b9331de972842e5869a4944d3f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-debug-2.6.16.27-0.6.nosrc.rpm e657caa01e2c07019f8cc889777f11b7 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-default-2.6.16.27-0.6.nosrc.rpm eebf35ce636a741f9bc47a2fa382ce76 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-iseries64-2.6.16.27-0.6.nosrc.rpm d09b683ab819709aadf9ece6b3f3e707 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-kdump-2.6.16.27-0.6.nosrc.rpm 617e45734469b9dd49cd44e1a9e024bc ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-ppc64-2.6.16.27-0.6.nosrc.rpm 197bf280a2b992f24d1827c0d081d8e0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-smp-2.6.16.27-0.6.nosrc.rpm 0d164685b97350f60bb13b2408b3e0f6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-source-2.6.16.27-0.6.src.rpm 948af0a9a23e466e00102d1412ca6aea ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-syms-2.6.16.27-0.6.src.rpm 5ab46df57270adabab766f3f08f04f3f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-um-2.6.16.27-0.6.nosrc.rpm 8a8d3d518e01d9477d4bb11680239d3b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-xen-2.6.16.27-0.6.nosrc.rpm ef135de71f6434a981bed66f01f3a606 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-xenpae-2.6.16.27-0.6.nosrc.rpm d2145a8c27a2324e0a6bf048c27c8a7e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kexec-tools-1.101-32.20.src.rpm 07a7cf8799deffdd0f5606ba4c6e6fe7 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/mkinitrd-1.2-106.25.src.rpm 8ac081406c2636d27412aa2c41d6cfe8 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/multipath-tools-0.4.6-25.14.src.rpm 642fb05f65f4629b60b98d72a3333efe ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/open-iscsi-0.5.545-9.16.src.rpm f52ea025e7ea1a9e131c13e5a6018775 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/udev-085-30.16.src.rpm cbd7aa05bc56bbbfed68ea4611ac16dc SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/Intel-536ep-4.69-14.8.src.rpm cea6899a95d45178d21168b6aa4dd922 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-bigsmp-2.6.13-15.13.nosrc.rpm 98260538fb3afb196a0fb1f52edc00c5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-default-2.6.13-15.13.nosrc.rpm f0a9e177557eb196adba8d19c6e06f4e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-iseries64-2.6.13-15.13.nosrc.rpm bc5365eda00fd8db053b4dbe16e168c3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-ppc64-2.6.13-15.13.nosrc.rpm 72c601464252532948d3ab8ea73b872a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-smp-2.6.13-15.13.nosrc.rpm 9576c07ca12e6f50e86d0d063cd16df2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-source-2.6.13-15.13.nosrc.rpm 47b3c7e171c000824e42aa594e7681d3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-source-2.6.13-15.13.src.rpm 003debda7e60a61eaf01f2798bb1fa65 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-syms-2.6.13-15.13.src.rpm 9cba4d63d45f4d4c908b137c5e069bb7 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-um-2.6.13-15.13.nosrc.rpm 2cfa5afc504eda54df8116c5ce42c23e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-xen-2.6.13-15.13.nosrc.rpm 16c0f03172d069271f515dbeb24eb19b SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/Intel-536ep-4.69-10.9.src.rpm f3f522d91ffba19568e1d0fe6142deb9 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-bigsmp-2.6.11.4-21.15.nosrc.rpm 24fb636744affbe2f7c96a9140b2def1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-default-2.6.11.4-21.15.nosrc.rpm a68261d68dec7866b7b3f2d3b9d6f1f0 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-docs-2.6.11.4-21.15.src.rpm 4fa98524a2dbb11d5e8f38f161c79c94 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-smp-2.6.11.4-21.15.nosrc.rpm 59936703da3fa4c3f06d709d91a4f05a ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-source-2.6.11.4-21.15.src.rpm a1862d7ee039c35b9dfd2bf61a3396e5 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-syms-2.6.11.4-21.15.src.rpm a0caf67ace3014157e0c0bfcbd1143b6 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-um-2.6.11.4-21.15.nosrc.rpm c64e46fd270b095a1d57ac9cf1c895ed ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-xen-2.6.11.4-21.15.nosrc.rpm 574b65b39dfe4f65fa7d18cdd1b8f2ba ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/ltmodem-8.31a10-7.9.src.rpm ebe62382458daba958312b5cde956883 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/um-host-install-initrd-1.0-50.9.src.rpm 4ec6d9d84c4f7d606ef699fb3b2ddb23 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: Novell Linux Desktop 9 for x86 http://support.novell.com/techcenter/psdb/15107fb406dee9a6d661cedc4a7bd068.h... Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/15107fb406dee9a6d661cedc4a7bd068.h... http://support.novell.com/techcenter/psdb/06a879ef6bcde6c750e9ee4e43ccc446.h... Novell Linux Desktop 9 for x86_64 http://support.novell.com/techcenter/psdb/06a879ef6bcde6c750e9ee4e43ccc446.h... SUSE SLED 10 for AMD64 and Intel EM64T http://support.novell.com/techcenter/psdb/aa32c28c0e5ddf716b0e61d93331f86d.h... SUSE SLES 10 http://support.novell.com/techcenter/psdb/aa32c28c0e5ddf716b0e61d93331f86d.h... http://support.novell.com/techcenter/psdb/8d1bb2f1def9904433821604ff90783e.h... http://support.novell.com/techcenter/psdb/dd622f88b5acaa6cb876b101236a952e.h... http://support.novell.com/techcenter/psdb/87e2c4f32a1d32427f4f6a08a52ff58e.h... http://support.novell.com/techcenter/psdb/9b70db20ae4e8d5034a104f1305d437c.h... SUSE SLED 10 http://support.novell.com/techcenter/psdb/aa32c28c0e5ddf716b0e61d93331f86d.h... http://support.novell.com/techcenter/psdb/9b70db20ae4e8d5034a104f1305d437c.h... SUSE SLED 10 for x86 http://support.novell.com/techcenter/psdb/9b70db20ae4e8d5034a104f1305d437c.h... SUSE CORE 9 for AMD64 and Intel EM64T http://support.novell.com/techcenter/psdb/8256ebb61cc00811a06c0fd252c18d5a.h... SUSE CORE 9 for IBM zSeries 64bit http://support.novell.com/techcenter/psdb/dc588035c8569c0fba9c9e33685f698c.h... SUSE CORE 9 for IBM S/390 31bit http://support.novell.com/techcenter/psdb/36b4bba8bf8a44877f22acb24254f105.h... SUSE CORE 9 for IBM POWER http://support.novell.com/techcenter/psdb/f74c89856bd24e4e5b10b44a1b7fb438.h... SUSE CORE 9 for Itanium Processor Family http://support.novell.com/techcenter/psdb/7ac58979c59cf50840e70f4bc277e4f8.h... SUSE SLES 9 http://support.novell.com/techcenter/psdb/8256ebb61cc00811a06c0fd252c18d5a.h... http://support.novell.com/techcenter/psdb/dc588035c8569c0fba9c9e33685f698c.h... http://support.novell.com/techcenter/psdb/36b4bba8bf8a44877f22acb24254f105.h... http://support.novell.com/techcenter/psdb/f74c89856bd24e4e5b10b44a1b7fb438.h... http://support.novell.com/techcenter/psdb/7ac58979c59cf50840e70f4bc277e4f8.h... http://support.novell.com/techcenter/psdb/4ea26fcc1ac12ca4ae3124c429ea7994.h... Open Enterprise Server http://support.novell.com/techcenter/psdb/15107fb406dee9a6d661cedc4a7bd068.h... http://support.novell.com/techcenter/psdb/d9aec765cc3bc34382a96bfc703b9ff2.h... Novell Linux POS 9 http://support.novell.com/techcenter/psdb/4ea26fcc1ac12ca4ae3124c429ea7994.h... http://support.novell.com/techcenter/psdb/d9aec765cc3bc34382a96bfc703b9ff2.h... SUSE CORE 9 for x86 http://support.novell.com/techcenter/psdb/4ea26fcc1ac12ca4ae3124c429ea7994.h... http://support.novell.com/techcenter/psdb/d9aec765cc3bc34382a96bfc703b9ff2.h... ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security@suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security@suse.de), the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe@opensuse.org>. suse-security-announce@suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe@suse.com>. ===================================================================== SUSE's security contact is <security@suse.com> or <security@suse.de>. The <security@suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBRYqESney5gA9JdPZAQLNsQf+PjfXteMrCIgsJUqPmLADG3dCNSa88QFh OICkFqglISmNDNSK6/cM94HlFAE+8HQChKvCdUNiwuK2YZ1yTylI6NTnIuGQDHOZ OTkWS4Afbor6s3KlsNPCuGvVTu4o1hZj/flYsvPF98nC22Kljllop/oyqJMFhWcK g8N0jGqiIqzuwCqOivpnAIt9Q37Z+q1NxRnNvz4TKs4rinCzp533zmf/kXUbM4p7 mppmJYmHWtvhVOLehfvZXCOS7CNp3FVhPBl80d1n4XObrmaqQoGUgsi/vAUueI3x 4ma8T/HyfgEXFSa2jGfdBUvFtGC/8FUCdwBbsohn5aAbb0HNsufMjw== =4I/U -----END PGP SIGNATURE-----