[opensuse-security] Re: [security-announce] SUSE-SU-2014:0459-1: important: Security update for Linux Kernel
On Fri, 28 Mar 2014, opensuse-security@opensuse.org wrote:
SUSE Security Update: Security update for Linux Kernel ______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0459-1 Rating: important References: #599263 #827670 #833968 #844513 #846790 #847672 #852488 #852967 #853162 #853166 #853455 #854025 #854445 #855825 #855885 #856848 #857358 #857643 #858604 #859225 #859342 #861093 #862796 #862957 #863178 #863526 #864025 #864058 #864833 #864880 #865342 #865783 #866253 #866428 Cross-References: CVE-2013-4470 CVE-2013-6885 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2014-0069
Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise High Availability Extension 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________
This announcement came out a week ago, but so far I haven't seen any of the patches it mentions...have they got stuck somewhere or am I doing something wrong? I have run 'zypper lp' on three different SLES11SP3 systems and none of them reports a kernel patch. e.g. # zypper lr | grep SP3-Up 17 | nu_novell_com:SLES11-SP3-Updates | SLES11-SP3-Updates | Yes | Yes # zypper lp Refreshing service 'nu_novell_com'. Loading repository data... Reading installed packages... Repository | Name | Version | Category | Status -------------------+--------------------+---------+-------------+------- SLES11-SP3-Updates | slessp3-kpartx | 9058 | recommended | needed SLES11-SP3-Updates | slessp3-sudo | 9044 | security | needed SLES11-SP3-Updates | slessp3-xen-201402 | 8973 | security | needed # rpm -qf /boot/vmlinuz-xen kernel-xen-base-3.0.101-0.15.1 # uname -a Linux www 3.0.101-0.15-xen #1 SMP Wed Jan 22 15:49:03 UTC 2014 (5c01f4e) x86_64 x86_64 x86_64 GNU/Linux I have a maintenance window on Tuesday so want to resolve this by Monday if possible. Bob -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Bob, the kernel had a regression that leads to an unusable system. Therefore we removed the kernel from the download servers and are currently working on fixing the bug. A new kernel will be released as soon as this regression was fixed. Best regards, Thomas Am 04.04.2014 17:55, schrieb R.Vickers@rhul.ac.uk:
On Fri, 28 Mar 2014, opensuse-security@opensuse.org wrote:
SUSE Security Update: Security update for Linux Kernel ______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0459-1
Rating: important References: #599263 #827670 #833968 #844513 #846790 #847672 #852488 #852967 #853162 #853166 #853455 #854025 #854445 #855825 #855885 #856848 #857358 #857643 #858604 #859225 #859342 #861093 #862796 #862957 #863178 #863526 #864025 #864058 #864833 #864880 #865342 #865783 #866253 #866428 Cross-References: CVE-2013-4470 CVE-2013-6885 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2014-0069
Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise High Availability Extension 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________
This announcement came out a week ago, but so far I haven't seen any of the patches it mentions...have they got stuck somewhere or am I doing something wrong? I have run 'zypper lp' on three different SLES11SP3 systems and none of them reports a kernel patch.
e.g. # zypper lr | grep SP3-Up 17 | nu_novell_com:SLES11-SP3-Updates | SLES11-SP3-Updates | Yes | Yes
# zypper lp Refreshing service 'nu_novell_com'. Loading repository data... Reading installed packages...
Repository | Name | Version | Category | Status -------------------+--------------------+---------+-------------+-------
SLES11-SP3-Updates | slessp3-kpartx | 9058 | recommended | needed
SLES11-SP3-Updates | slessp3-sudo | 9044 | security | needed SLES11-SP3-Updates | slessp3-xen-201402 | 8973 | security | needed
# rpm -qf /boot/vmlinuz-xen kernel-xen-base-3.0.101-0.15.1
# uname -a Linux www 3.0.101-0.15-xen #1 SMP Wed Jan 22 15:49:03 UTC 2014 (5c01f4e) x86_64 x86_64 x86_64 GNU/Linux
I have a maintenance window on Tuesday so want to resolve this by Monday if possible.
Bob
- -- Thomas Biege <thomas@suse.de>, Team Leader MaintenanceSecurity, CSSLP SUSE LINUX Products GmbH GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer HRB 21284 (AG Nürnberg) - -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTPtgyAAoJEJqHoVJVjr8Dki8H/jgW8mw7bcIadyoOqMW6ni2k +FTckoteQ2EvWiJjvpvZV6y8n9m5hiAmryhwwU26M9g3ZroXqZt0r4WdYcelO//3 eg5zULp/Kfr88WuVZIHgsSXIelXLDPyBy6gNvd9uwrIZGzDR7f/PJqbIao6jVEU0 gewNn4tYtRSycc0i0mdSQ4aYn1G+Gs7dc6tBjUA5h/f2fMEceUEEcEnf2sxEFdP5 6hgDbuTrnwzXCMM9ofzNc+Jsjmb3oKsyLOwE7yNgAroMc+J+63YCZ8YYhf7wVFG5 4V0/yoy3PlHNYC5RtZjL/VC0mnaLAHhSAfpG0g8iPjqy8MPQSTOukunGu7zTmqk= =YeHW -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
participants (2)
-
R.Vickers@rhul.ac.uk -
Thomas Biege