Hi, we are quite confused about the current kernel updates from Novell. 1) Two weeks ago we got this announcement for SLES 11 SP1: Marcus Meissner wrote
______________________________________________________________________________
SUSE Security Announcement
Package: kernel Announcement ID: SUSE-SA:2010:050 Date: Wed, 13 Oct 2010 17:00:00 +0000 Affected Products: SLE 11 SERVER Unsupported Extras SUSE Linux Enterprise High Availability Extension 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Server 11 SP1 Vulnerability Type: local privilege escalation CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) SUSE Default Package: yes Cross-References: CVE-2010-2954, CVE-2010-2960, CVE-2010-2962 CVE-2010-3078, CVE-2010-3079, CVE-2010-3080 CVE-2010-3081, CVE-2010-3296, CVE-2010-3297 CVE-2010-3298, CVE-2010-3310
The new kernel packages offered with this announcmente had the version/release kernel-default-2.6.32.23-0.3.1. 2) Yesterday there was an announcment from the Novell customer center for SLES 11 SP1: 26 Oct 2010 Novell Customer Center ... 11. Security update for the Linux kernel SUSE Linux Enterprise Server 11 for x86-64 http://download.novell.com/Download?buildid=XqWyWoma4DM~ The link leads to a page with: "the Linux kernel (x86_64) 20100617 ... kernel-default-2.6.32.13-0.4.1.x86_64.rpm" Thus, way older than what you announced on Oct. 13th. 3) And tonight our yup mirroring of the Novell server downloaded kernel packages with version/release: kernel-default-2.6.32.19-0.2.1 which was the current kernel before the release from Oct. 13th. I guess the .23 version is still supposed to be the latest one, but what's about the new announcmente from yesterday and all these old packages? cu, Frank -- Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/ Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/ LMU, Amalienstr. 17 Phone: +49 89 2180-4049 80333 Muenchen, Germany Fax: +49 89 2180-99-4049 * Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. * -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org