Mailinglist Archive: opensuse-updates (200 mails)

< Previous Next >
openSUSE-SU-2013:0923-1: moderate: kernel: security and bugfix update
openSUSE Security Update: kernel: security and bugfix update
______________________________________________________________________________

Announcement ID: openSUSE-SU-2013:0923-1
Rating: moderate
References: #800686 #802812 #806966 #806980 #806990 #807850
#808829 #809155 #809330 #809748 #811417 #812113

Cross-References: CVE-2013-0913 CVE-2013-1796 CVE-2013-1797
CVE-2013-1798 CVE-2013-1848
Affected Products:
openSUSE 12.3
______________________________________________________________________________

An update that solves 5 vulnerabilities and has 7 fixes is
now available.

Description:


The openSUSE 12.3 kernel was updated to fix various
security issues and bugs:

- config.conf: Disable armv7hl/u8500 until it builds again

-
patches.fixes/ocfs2-Fix-oops-in-ocfs2_fast_symlink_readpage:
ocfs2: Fix oops in ocfs2_fast_symlink_readpage() code
path

- drm/nouveau: Fix typo in init_idx_addr_latched()
(bnc#800686).

- rtl28xxu: Add USB ID for MaxMedia HU394-T (bnc#812113).
- rtl28xxu: Add USB IDs for Compro VideoMate U620F
(bnc#812113).
- Support Digivox Mini HD (rtl2832) (bnc#812113).
- rtl28xxu: correct some device names (bnc#812113).
- rtl28xxu: add Gigabyte U7300 DVB-T Dongle (bnc#812113).
- rtl28xxu: [1b80:d3a8] ASUS My Cinema-U3100Mini Plus V2
(bnc#812113).
- rtl28xxu: add NOXON DAB/DAB+ USB dongle rev 2
(bnc#812113).

- drm: correctly restore mappings if drm_open fails
(bnc#807850).

- Drivers: hv: vmbus: Fix a bug in hv_need_to_signal()
(bnc#811417).

- svcrpc: fix rpc server shutdown races (bnc#802812).

- Update patches to what was accepted upstream.
- Refresh
patches.arch/kvm-convert-msr_kvm_system_time-to-use-gfn_to_h
va_cache_init.patch.
- Refresh
patches.arch/kvm-fix-for-buffer-overflow-in-handling-of-msr_
kvm_system_time.patch.

- KVM: Convert MSR_KVM_SYSTEM_TIME to use
gfn_to_hva_cache_init (bnc#806980 CVE-2013-1797).
- KVM: Fix bounds checking in ioapic indirect register read
(bnc#806980 CVE-2013-1798).
- KVM: Fix for buffer overflow in handling of
MSR_KVM_SYSTEM_TIME (bnc#806980 CVE-2013-1796).
- kabi/severities: Allow kvm abi changes - kvm modules are
self consistent

- loopdev: fix a deadlock (bnc#809748).
- block: use i_size_write() in bd_set_size() (bnc#809748).

- drm/i915: bounds check execbuffer relocation count
(bnc#808829,CVE-2013-0913).

- TTY: do not reset master's packet mode (bnc#809330).

- Update patches.fixes/ext3-Fix-format-string-issues.patch
(bnc#809155 CVE-2013-1848).

- ext3: Fix format string issues (bnc#809155).

- Drivers: hv: balloon: Do not request completion
notification (fate#314663).

- e1000e: fix runtime power management transitions
(bnc#806966).
- e1000e: fix pci-device enable-counter balance
(bnc#806966).
- e1000e: fix accessing to suspended device (bnc#806966).

- gpio-ich: Fix ichx_gpio_check_available() return what
callers expect.

- gpio/ich: Add missing spinlock init.

- Refresh patches.suse/SUSE-bootsplash-mgadrmfb-workaround.
Add the same w/a for ast and cirrus KMS, too (bnc#806990).

- Fix broken VT1 output with mgadrmfb (bnc#806990).

- PCI/PM: Clear state_saved during suspend (bnc#806966).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.3:

zypper in -t patch openSUSE-2013-398

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.3 (i586 x86_64):

kernel-default-3.7.10-1.4.1
kernel-default-base-3.7.10-1.4.1
kernel-default-devel-3.7.10-1.4.1
kernel-syms-3.7.10-1.4.1

- openSUSE 12.3 (i686 x86_64):

kernel-debug-3.7.10-1.4.1
kernel-debug-base-3.7.10-1.4.1
kernel-debug-devel-3.7.10-1.4.1
kernel-desktop-3.7.10-1.4.1
kernel-desktop-base-3.7.10-1.4.1
kernel-desktop-devel-3.7.10-1.4.1
kernel-ec2-3.7.10-1.4.1
kernel-ec2-base-3.7.10-1.4.1
kernel-ec2-base-debuginfo-3.7.10-1.4.1
kernel-ec2-debuginfo-3.7.10-1.4.1
kernel-ec2-debugsource-3.7.10-1.4.1
kernel-ec2-devel-3.7.10-1.4.1
kernel-ec2-devel-debuginfo-3.7.10-1.4.1
kernel-trace-3.7.10-1.4.1
kernel-trace-base-3.7.10-1.4.1
kernel-trace-devel-3.7.10-1.4.1
kernel-vanilla-3.7.10-1.4.1
kernel-vanilla-devel-3.7.10-1.4.1
kernel-xen-3.7.10-1.4.1
kernel-xen-base-3.7.10-1.4.1
kernel-xen-devel-3.7.10-1.4.1

- openSUSE 12.3 (noarch):

kernel-devel-3.7.10-1.4.1
kernel-docs-3.7.10-1.4.3
kernel-source-3.7.10-1.4.1
kernel-source-vanilla-3.7.10-1.4.1

- openSUSE 12.3 (i686):

kernel-debug-base-debuginfo-3.7.10-1.4.1
kernel-debug-debuginfo-3.7.10-1.4.1
kernel-debug-debugsource-3.7.10-1.4.1
kernel-debug-devel-debuginfo-3.7.10-1.4.1
kernel-desktop-base-debuginfo-3.7.10-1.4.1
kernel-desktop-debuginfo-3.7.10-1.4.1
kernel-desktop-debugsource-3.7.10-1.4.1
kernel-desktop-devel-debuginfo-3.7.10-1.4.1
kernel-pae-3.7.10-1.4.1
kernel-pae-base-3.7.10-1.4.1
kernel-pae-base-debuginfo-3.7.10-1.4.1
kernel-pae-debuginfo-3.7.10-1.4.1
kernel-pae-debugsource-3.7.10-1.4.1
kernel-pae-devel-3.7.10-1.4.1
kernel-pae-devel-debuginfo-3.7.10-1.4.1
kernel-trace-base-debuginfo-3.7.10-1.4.1
kernel-trace-debuginfo-3.7.10-1.4.1
kernel-trace-debugsource-3.7.10-1.4.1
kernel-trace-devel-debuginfo-3.7.10-1.4.1
kernel-vanilla-debuginfo-3.7.10-1.4.1
kernel-vanilla-debugsource-3.7.10-1.4.1
kernel-vanilla-devel-debuginfo-3.7.10-1.4.1
kernel-xen-base-debuginfo-3.7.10-1.4.1
kernel-xen-debuginfo-3.7.10-1.4.1
kernel-xen-debugsource-3.7.10-1.4.1
kernel-xen-devel-debuginfo-3.7.10-1.4.1

- openSUSE 12.3 (i586):

kernel-default-base-debuginfo-3.7.10-1.4.1
kernel-default-debuginfo-3.7.10-1.4.1
kernel-default-debugsource-3.7.10-1.4.1
kernel-default-devel-debuginfo-3.7.10-1.4.1


References:

http://support.novell.com/security/cve/CVE-2013-0913.html
http://support.novell.com/security/cve/CVE-2013-1796.html
http://support.novell.com/security/cve/CVE-2013-1797.html
http://support.novell.com/security/cve/CVE-2013-1798.html
http://support.novell.com/security/cve/CVE-2013-1848.html
https://bugzilla.novell.com/800686
https://bugzilla.novell.com/802812
https://bugzilla.novell.com/806966
https://bugzilla.novell.com/806980
https://bugzilla.novell.com/806990
https://bugzilla.novell.com/807850
https://bugzilla.novell.com/808829
https://bugzilla.novell.com/809155
https://bugzilla.novell.com/809330
https://bugzilla.novell.com/809748
https://bugzilla.novell.com/811417
https://bugzilla.novell.com/812113


< Previous Next >
This Thread
  • No further messages