SUSE-SU-2012:1016-1: moderate: kernel update for SLE11 SP2

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Aug 21 12:08:31 MDT 2012


   SUSE Security Update: kernel update for SLE11 SP2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:1016-1
Rating:             moderate
References:         #705551 #715635 #718910 #720946 #738284 #744314 
                    #744655 #746509 #749291 #752352 #753172 #753353 
                    #754391 #754690 #755546 #755620 #756276 #756585 
                    #757059 #758703 #761775 #762366 #762414 #762991 
                    #763026 #763754 #763968 #764339 #766027 #766445 
                    #766733 #767281 #767469 #767684 #767983 #768052 
                    #768084 #768470 #768632 #769407 #769685 #769784 
                    #769896 #770034 #770238 #770269 #771102 #771242 
                    #771361 #771398 #771428 #771619 #771778 #772407 
                    #772420 #772566 #772831 #772893 #773006 #773251 
                    #773406 #773606 #773878 #774285 
Cross-References:   CVE-2012-3375 CVE-2012-3400
Affected Products:
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise High Availability Extension 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
                    SLE 11 SERVER Unsupported Extras
______________________________________________________________________________

   An update that solves two vulnerabilities and has 62 fixes
   is now available. It includes one version update.

Description:

   The SUSE Linux Enterprise 11 SP2 kernel was updated to
   3.0.38, fixing various bugs and security issues.

   Following security issues were fixed: CVE-2012-3400:
   Several buffer overread and overwrite errors in the UDF
   logical volume descriptor code were fixed that might have
   allowed local attackers able to mount UDF volumes to crash
   the kernel or potentially gain privileges.

   CVE-2012-3375: A denial of service (crash) in epoll was
   fixed.


   The three NTP leapsecond issues were fixed and are
   contained in Linux Kernel stable 3.0.38.

   The Libceph/ceph/rbd framework was imported for later Cloud
   storage usage.

   Various bug and security fixes were integrated from the
   Linux stable kernel 3.0.34-3.0.38 upgrade and are not
   explicitly listed here.

   Following other non-security issues were fixed: S/390:
   - dasd: Use correct queue for aborting requests.
   - dasd: Abort requests from correct queue.
   - [S390] Do not clobber personality flags on exec
   (bnc#770034).
   - dasd: Kick tasklet instead of processing the
   request_queue directly.
   - s390/kernel: CPU idle vs CPU hotplug
   (bnc#772407,LTC#83468).
   - lgr: Make lgr_page static (bnc#772407,LTC#83520).
   - s390/kernel: incorrect task size after fork of a 31 bit
   process (bnc#772407,LTC#83674).
   - dasd: Abort all requests on the request_queue, too
   (bnc#768084).
   - DASD: Add timeout attribute (bnc#771361).
   - dasd: Fixup typo in debugging message.
   - patches.suse/dasd-fail-all-requests-after-timeout.patch:
   Fixup handling of failfast requests (bnc#768084).
   - s390: allow zcrypt to /dev/random feeding to be resumed
   (bnc#718910)
   - s390/hypfs: Missing files and directories
   (bnc#769407,LTC#82838).
   - dasd: Fail all requests after timeout (bnc#768084).
   - s390/kernel: Add z/VM LGR detection
   (bnc#767281,LTC#RAS1203).

   BTRFS fixes (3.3-3.5+)
   - Btrfs: avoid sleeping in verify_parent_transid while
   atomic
   - Btrfs: fix btrfs_release_extent_buffer_page with the
   right usage of num_extent_pages
   - Btrfs: do not check delalloc when updating disk_i_size
   - Btrfs: look into the extent during find_all_leafs
   - Btrfs: do not set for_cow parameter for tree block
   functions
   - Btrfs: fix defrag regression
   - Btrfs: fix missing inherited flag in rename
   - Btrfs: do not resize a seeding device
   - Btrfs: cast devid to unsigned long long for printk %llu
   - Btrfs: add a missing spin_lock
   - Btrfs: restore restriper state on all mounts
   - Btrfs: resume balance on rw (re)mounts properly
   - Btrfs: fix tree log remove space corner case
   - Btrfs: hold a ref on the inode during writepages
   - Btrfs: do not return EINVAL instead of ENOMEM from
   open_ctree()
   - Btrfs: do not ignore errors from btrfs_cleanup_fs_roots()
   when mounting
   - Btrfs: fix error handling in __add_reloc_root()
   - Btrfs: return error of btrfs_update_inode() to caller
   - Btrfs: fix typo in cow_file_range_async and
   async_cow_submit
   - Btrfs: fix btrfs_is_free_space_inode to recognize btree
   inode
   - Btrfs: kill root from btrfs_is_free_space_inode
   - Btrfs: zero unused bytes in inode item
   - disable
   patches.suse/btrfs-8052-fix-wrong-information-of-the-directo
   ry-in-the-.patch (bnc#757059)

   XEN:
   - Refresh Xen patches (bnc#772831, add spinlock.nopoll
   option).
   - Update Xen patches to 3.0.35.
   - xen/thp: avoid atomic64_read in pmd_read_atomic for 32bit
   PAE (bnc#762991).
   - Update Xen config files
   (CONFIG_XEN_SPINLOCK_ACQUIRE_NESTING=1).

   MD:
   - md: Do not truncate size at 4TB for RAID0 and Linear
   - md/bitmap: Do not write bitmap while earlier writes might
   be in-fligh (bnc#771398).
   - md: Fixup blktrace information.
   - md: Abort pending request for RAID10 (bnc#773251).
   - md: add raid10 tracepoints (bnc#768084).
   - md: wakeup thread upon rdev_dec_pending() (bnc#771398).
   - md: Correctly register error code on failure.
   - md: Do not take mddev lock when reading rdev attributes
   from sysfs (bnc#772420).
   - md: unblock SET_DISK_FAULTY ioctl (bnc#768084).

   Hyper-V:
   - net/hyperv: Use wait_event on outstanding sends during
   device removal.
   - Tools: hv: verify origin of netlink connector message.
   - hyperv: Add support for setting MAC from within guests.
   - Drivers: hv: Change the hex constant to a decimal
   constant.
   - hyperv: Add error handling to rndis_filter_device_add().
   - hyperv: Add a check for ring_size value.
   - Drivers: hv: Cleanup the guest ID computation.
   - hv: add RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER.

   Scheduler:
   - sched: Make sure to not re-read variables after
   validation (bnc#769685).
   - sched: Only queue remote wakeups when crossing cache
   boundaries part2 (bnc#754690).
   - sched: really revert latency defaults to SP1 values
   (bnc#754690).
   - sched: optimize latency defaults (bnc#754690).
   - sched: Save some hrtick_start_fair cycles (bnc#754690).
   - sched: use rt.nr_cpus_allowed to recover select_task_rq()
   cycles (bnc#754690).
   - sched: Set skip_clock_update in yield_task_fair()
   (bnc#754690).
   - sched: Do not call task_group() too many times in
   set_task_rq() (bnc#754690).
   - sched: ratelimit nohz (bnc#754690).
   - sched: Wrap scheduler p->cpus_allowed access (bnc#754690).
   - sched: Avoid SMT siblings in select_idle_sibling() if
   possible (bnc#754690).
   - sched: Clean up domain traversal in select_idle_sibling()
   (bnc#754690).
   - sched: Remove rcu_read_lock/unlock() from
   select_idle_sibling() (bnc#754690).
   - sched: Fix the sched group node allocation for SD_OVERLAP
   domains (bnc#754690).
   - sched: add SD_SHARE_PKG_RESOURCES domain flags proc
   handler (bnc#754690).
   - sched: fix select_idle_sibling() induced bouncing
   (bnc#754690).

   Other fixes:
   - rt2800: add chipset revision RT5390R support (bnc#772566).

   - reiserfs: fix deadlocks with quotas (bnc#774285).

   - VFS: avoid prepend_path warning about d_obtain_alias
   aliases (bnc#773006).

   - ntp: avoid printk under xtime_lock (bnc#767684).

   - kvm: kvmclock: apply kvmclock offset to guest wall clock
   time (bnc#766445).

   - bonding: allow all slave speeds (bnc#771428).

   - mm: hugetlbfs: Close race during teardown of hugetlbfs
   shared page tables.
   - mm: hugetlbfs: Correctly detect if page tables have just
   been shared.
   -
   patches.fixes/mm-hugetlb-decrement-mapcount-under-page_table
   _lock.patch: Delete. (Fix bad PMD message displayed
   while using hugetlbfs (bnc#762366)).

   - ALSA: hda - Evaluate gpio_led hints at the right moment
   (bnc#773878).

   - proc: stats: Use arch_idle_time for idle and iowait times
   if available (bnc#772893).

   - tcp: perform DMA to userspace only if there is a task
   waiting for it (bnc#773606).

   - rt2x00: fix rt3290 resuming failed (bnc#771778).

   - patches.suse/SUSE-bootsplash: Refresh. (Fix wrong vfree()
   (bnc#773406))

   - vhost: do not forget to schedule() (bnc#767983).

   - powerpc, kabi: reintroduce __cputime_msec_factor
   (bnc#771242).

   - powerpc: Fix wrong divisor in usecs_to_cputime
   (bnc#771242).

   - mm: use cpu_chill() in spin_trylock_page() and cancel on
   immediately RT. (bnc#768470)

   - be2net: Fix EEH error reset before a flash dump completes
   (bnc#755546).

   - st: Fix adding of tape link from device directory
   (bnc#771102).
   - idr: Fix locking of minor idr during failure-case removal
   and add freeing of minor idr during device removal.

   - add firmware update for Atheros 0cf3:311f (bnc#761775).

   - Unset CONFIG_WATCHDOG_NOWAYOUT to prevent reboot of
   openais on service stop. (bnc#756585)

   - Update config files: Enable CONFIG_RT2800PCI_RT3290.

   - ida: simplified functions for id allocation (bnc#749291).
   - ida: make ida_simple_get/put() IRQ safe (bnc#749291).
   - virtio-blk: use ida to allocate disk index (bnc#749291).

   - USB: option: Add USB ID for Novatel Ovation MC551
   (bnc#770269).
   - USB: option: add id for Cellient MEN-200 (bnc#770269).

   - Fix the position of SUSE logo on text screen (bnc#770238)

   - enable Atheros 0cf3:311e for firmware upload (bnc#766733).

   - scsi_dh_alua: Improve error handling (bnc#715635).
   - scsi: remove an unhandled error code message (bnc#715635).

   - Add to support Ralink ROMA wifi chip. (bnc#758703)

   - x86_64, UV: Update NMI handler for UV1000/2000 systems
   (bnc#746509, bnc#744655).
   - kdb: Fix merge error in original kdb x86 patch
   (bnc#746509).

   - udf: Avoid run away loop when partition table length is
   corrupted (bnc#769784).
   - udf: Fortify loading of sparing table (bnc#769784).
   - udf: Use ret instead of abusing i in
   udf_load_logicalvol() (bnc#769784).

   - intel_ips: blacklist HP ProBook laptops (bnc#720946).

   - drm: edid: Do not add inferred modes with higher
   resolution (bnc#753172).

   - init: mm: Reschedule when initialising large numbers of
   memory sections. (bnc#755620).

   - x86/apic: Use x2apic physical mode based on FADT setting
   (bnc#768052).

   - acpiphp: add dmi info to acpiphp module (bnc#754391).

   - ntp: fix leap second hrtimer deadlock (bnc#768632).
   - ntp: avoid printk under xtime_lock (bnc#767684).

   - nohz: Fix update_ts_time_stat idle accounting
   (bnc#767469, bnc#705551).
   - nohz: Make idle/iowait counter update conditional
   (bnc#767469, bnc#705551).

   - bug: introduce BUILD_BUG_ON_INVALID() macro
   - bug: completely remove code generated by disabled. (VM
   Performance).

   - mm: call cond_resched in putback_lru_pages (bnc#763968).

   - Update x84-64 Xen config file
   (CONFIG_ACPI_PROCESSOR_AGGREGATOR=m).

   - ia64 is odd man out, CONFIG_SCHED_HRTICK is not set, fix
   build failure due to missing hrtick_enabled() in that
   case.

   - drm: Add poll blacklist for Dell Latitude E5420
   (bnc#756276).

   - supported.conf: mark libceph and rbd as unsupported.


   - drm/i915: Fix eDP blank screen after S3 resume on HP
   desktops (bnc#752352).

   - mm: hugetlb: Decrement mapcount under page table lock
   (Consistent mapcount decrementing under lock
   (bnc#762366)).
   - mm: hugetlb: flush_tlb_range() needs page_table_lock when
   mmap_sem is not held. (Consistent locking for TLB flush
   of hugetlb pages (bnc#762366)).
   - mm/hugetlb.c: undo change to page mapcount in fault
   handler (Handle potential leaks in hugetlbfs error paths
   (bnc#762366)).

   - drm/i915: Not all systems expose a firmware or platform
   mechanism for changing the backlight intensity on i915,
   so add native driver support (bnc#752352).
   - i915: do not setup intel_backlight twice (bnc#752352).
   - drm/i915: enable vdd when switching off the eDP panel
   (bnc#752352).

   - Add missing definition blk_queue_dead().

   - Backport patches from mainline to fix SCSI crash under
   heavy load (bnc#738284): bncs
   kernel-sle11sp2-i586.patchinfo
   kernel-sle11sp2-ia64.patchinfo
   kernel-sle11sp2-ppc64.patchinfo
   kernel-sle11sp2-s390x.patchinfo
   kernel-sle11sp2-x86_64.patchinfo
   kernel-sle11sp2-xtra-i586.patchinfo
   kernel-sle11sp2-xtra-ia64.patchinfo
   kernel-sle11sp2-xtra-ppc64.patchinfo
   kernel-sle11sp2-xtra-s390x.patchinfo
   kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS
   sle11sp2-extra.template sle11sp2.template sp2.diff
   sp2.new.diff
   patches.fixes/block-add-blk_queue_dead.patch: block: add
   blk_queue_dead() (bnc#738284). bncs
   kernel-sle11sp2-i586.patchinfo
   kernel-sle11sp2-ia64.patchinfo
   kernel-sle11sp2-ppc64.patchinfo
   kernel-sle11sp2-s390x.patchinfo
   kernel-sle11sp2-x86_64.patchinfo
   kernel-sle11sp2-xtra-i586.patchinfo
   kernel-sle11sp2-xtra-ia64.patchinfo
   kernel-sle11sp2-xtra-ppc64.patchinfo
   kernel-sle11sp2-xtra-s390x.patchinfo
   kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS
   sle11sp2-extra.template sle11sp2.template sp2.diff
   sp2.new.diff
   patches.fixes/block-add-missing-blk_queue_dead-checks.patch:
   block: add missing blk_queue_dead() checks (bnc#738284).
   bncs kernel-sle11sp2-i586.patchinfo
   kernel-sle11sp2-ia64.patchinfo
   kernel-sle11sp2-ppc64.patchinfo
   kernel-sle11sp2-s390x.patchinfo
   kernel-sle11sp2-x86_64.patchinfo
   kernel-sle11sp2-xtra-i586.patchinfo
   kernel-sle11sp2-xtra-ia64.patchinfo
   kernel-sle11sp2-xtra-ppc64.patchinfo
   kernel-sle11sp2-xtra-s390x.patchinfo
   kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS
   sle11sp2-extra.template sle11sp2.template sp2.diff
   sp2.new.diff
   patches.fixes/block-fix-race-on-request.end_io-invocations.p
   atch: block: Fix race on request.end_io invocations
   (bnc#738284). bncs kernel-sle11sp2-i586.patchinfo
   kernel-sle11sp2-ia64.patchinfo
   kernel-sle11sp2-ppc64.patchinfo
   kernel-sle11sp2-s390x.patchinfo
   kernel-sle11sp2-x86_64.patchinfo
   kernel-sle11sp2-xtra-i586.patchinfo
   kernel-sle11sp2-xtra-ia64.patchinfo
   kernel-sle11sp2-xtra-ppc64.patchinfo
   kernel-sle11sp2-xtra-s390x.patchinfo
   kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS
   sle11sp2-extra.template sle11sp2.template sp2.diff
   sp2.new.diff
   patches.fixes/scsi-fc-class-fix-scanning-when-devs-are-offli
   ne.patch: fc class: fix scanning when devs are offline
   (bnc#738284). bncs kernel-sle11sp2-i586.patchinfo
   kernel-sle11sp2-ia64.patchinfo
   kernel-sle11sp2-ppc64.patchinfo
   kernel-sle11sp2-s390x.patchinfo
   kernel-sle11sp2-x86_64.patchinfo
   kernel-sle11sp2-xtra-i586.patchinfo
   kernel-sle11sp2-xtra-ia64.patchinfo
   kernel-sle11sp2-xtra-ppc64.patchinfo
   kernel-sle11sp2-xtra-s390x.patchinfo
   kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS
   sle11sp2-extra.template sle11sp2.template sp2.diff
   sp2.new.diff
   patches.fixes/scsi-fix-device-removal-NULL-pointer-dereferen
   ce.patch: scsi: Fix device removal NULL pointer
   dereference (bnc#738284). bncs
   kernel-sle11sp2-i586.patchinfo
   kernel-sle11sp2-ia64.patchinfo
   kernel-sle11sp2-ppc64.patchinfo
   kernel-sle11sp2-s390x.patchinfo
   kernel-sle11sp2-x86_64.patchinfo
   kernel-sle11sp2-xtra-i586.patchinfo
   kernel-sle11sp2-xtra-ia64.patchinfo
   kernel-sle11sp2-xtra-ppc64.patchinfo
   kernel-sle11sp2-xtra-s390x.patchinfo
   kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS
   sle11sp2-extra.template sle11sp2.template sp2.diff
   sp2.new.diff
   patches.fixes/scsi-fix-the-new-host-byte-settings.patch:
   scsi: fix DID_TARGET_FAILURE and DID_NEXUS_FAILURE host
   byte settings (bnc#738284). bncs
   kernel-sle11sp2-i586.patchinfo
   kernel-sle11sp2-ia64.patchinfo
   kernel-sle11sp2-ppc64.patchinfo
   kernel-sle11sp2-s390x.patchinfo
   kernel-sle11sp2-x86_64.patchinfo
   kernel-sle11sp2-xtra-i586.patchinfo
   kernel-sle11sp2-xtra-ia64.patchinfo
   kernel-sle11sp2-xtra-ppc64.patchinfo
   kernel-sle11sp2-xtra-s390x.patchinfo
   kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS
   sle11sp2-extra.template sle11sp2.template sp2.diff
   sp2.new.diff
   patches.fixes/scsi-stop-accepting-scsi-requests.patch:
   scsi: Stop accepting SCSI requests before removing a
   device (bnc#738284). bncs kernel-sle11sp2-i586.patchinfo
   kernel-sle11sp2-ia64.patchinfo
   kernel-sle11sp2-ppc64.patchinfo
   kernel-sle11sp2-s390x.patchinfo
   kernel-sle11sp2-x86_64.patchinfo
   kernel-sle11sp2-xtra-i586.patchinfo
   kernel-sle11sp2-xtra-ia64.patchinfo
   kernel-sle11sp2-xtra-ppc64.patchinfo
   kernel-sle11sp2-xtra-s390x.patchinfo
   kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS
   sle11sp2-extra.template sle11sp2.template sp2.diff
   sp2.new.diff
   patches.fixes/scsi-Revert-put-stricter-guards-on-queue-dead-
   chec.patch: Delete preliminary patch.

   - Provide obsoleted KMPs (bnc#753353), fix ath3k obsoletes.

   - mm: filemap: Optimise file-backed page faulting by
   emulating an adaptive sleeping spinlock (bnc#762414)

   - Add yet another product ID for HP cert machines
   (bnc#764339)

   - x86: check for valid irq_cfg pointer in
   smp_irq_move_cleanup_interrupt (bnc#763754).

   - backing-dev: use synchronize_rcu_expedited instead of
   synchronize_rcu (bnc#766027).
   - sysfs: count subdirectories (bnc#766027).
   - kABI fix for sysfs-count-subdirectories (bnc#766027).

   - block: Introduce blk_set_stacking_limits function
   (bnc#763026).

Indications:

   Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-kernel-6641 slessp2-kernel-6648

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-kernel-6641 slessp2-kernel-6642 slessp2-kernel-6643 slessp2-kernel-6648 slessp2-kernel-6650

   - SUSE Linux Enterprise High Availability Extension 11 SP2:

      zypper in -t patch sleshasp2-kernel-6641 sleshasp2-kernel-6642 sleshasp2-kernel-6643 sleshasp2-kernel-6648 sleshasp2-kernel-6650

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-kernel-6641 sledsp2-kernel-6648

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.38]:

      kernel-default-3.0.38-0.5.1
      kernel-default-base-3.0.38-0.5.1
      kernel-default-devel-3.0.38-0.5.1
      kernel-source-3.0.38-0.5.1
      kernel-syms-3.0.38-0.5.1
      kernel-trace-3.0.38-0.5.1
      kernel-trace-base-3.0.38-0.5.1
      kernel-trace-devel-3.0.38-0.5.1
      kernel-xen-devel-3.0.38-0.5.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.38]:

      kernel-pae-3.0.38-0.5.1
      kernel-pae-base-3.0.38-0.5.1
      kernel-pae-devel-3.0.38-0.5.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.38]:

      kernel-default-3.0.38-0.5.1
      kernel-default-base-3.0.38-0.5.1
      kernel-default-devel-3.0.38-0.5.1
      kernel-source-3.0.38-0.5.1
      kernel-syms-3.0.38-0.5.1
      kernel-trace-3.0.38-0.5.1
      kernel-trace-base-3.0.38-0.5.1
      kernel-trace-devel-3.0.38-0.5.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.38]:

      kernel-ec2-3.0.38-0.5.1
      kernel-ec2-base-3.0.38-0.5.1
      kernel-ec2-devel-3.0.38-0.5.1
      kernel-xen-3.0.38-0.5.1
      kernel-xen-base-3.0.38-0.5.1
      kernel-xen-devel-3.0.38-0.5.1

   - SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.38]:

      kernel-default-man-3.0.38-0.5.1

   - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.38]:

      kernel-ppc64-3.0.38-0.5.1
      kernel-ppc64-base-3.0.38-0.5.1
      kernel-ppc64-devel-3.0.38-0.5.1

   - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.38]:

      kernel-pae-3.0.38-0.5.1
      kernel-pae-base-3.0.38-0.5.1
      kernel-pae-devel-3.0.38-0.5.1

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      gfs2-kmp-default-2_3.0.38_0.5-0.7.37
      gfs2-kmp-trace-2_3.0.38_0.5-0.7.37
      ocfs2-kmp-default-1.6_3.0.38_0.5-0.7.37
      ocfs2-kmp-trace-1.6_3.0.38_0.5-0.7.37

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 s390x):

      cluster-network-kmp-default-1.4_3.0.38_0.5-2.14.2
      cluster-network-kmp-trace-1.4_3.0.38_0.5-2.14.2

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64 x86_64):

      cluster-network-kmp-default-1.4_3.0.38_0.5-2.16.1
      cluster-network-kmp-trace-1.4_3.0.38_0.5-2.16.1

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64):

      gfs2-kmp-xen-2_3.0.38_0.5-0.7.37
      ocfs2-kmp-xen-1.6_3.0.38_0.5-0.7.37

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (x86_64):

      cluster-network-kmp-xen-1.4_3.0.38_0.5-2.16.1

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64):

      cluster-network-kmp-ppc64-1.4_3.0.38_0.5-2.16.1
      gfs2-kmp-ppc64-2_3.0.38_0.5-0.7.37
      ocfs2-kmp-ppc64-1.6_3.0.38_0.5-0.7.37

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586):

      cluster-network-kmp-pae-1.4_3.0.38_0.5-2.14.2
      cluster-network-kmp-xen-1.4_3.0.38_0.5-2.14.2
      gfs2-kmp-pae-2_3.0.38_0.5-0.7.37
      ocfs2-kmp-pae-1.6_3.0.38_0.5-0.7.37

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.38]:

      kernel-default-3.0.38-0.5.1
      kernel-default-base-3.0.38-0.5.1
      kernel-default-devel-3.0.38-0.5.1
      kernel-default-extra-3.0.38-0.5.1
      kernel-source-3.0.38-0.5.1
      kernel-syms-3.0.38-0.5.1
      kernel-trace-3.0.38-0.5.1
      kernel-trace-base-3.0.38-0.5.1
      kernel-trace-devel-3.0.38-0.5.1
      kernel-trace-extra-3.0.38-0.5.1
      kernel-xen-3.0.38-0.5.1
      kernel-xen-base-3.0.38-0.5.1
      kernel-xen-devel-3.0.38-0.5.1
      kernel-xen-extra-3.0.38-0.5.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.38]:

      kernel-pae-3.0.38-0.5.1
      kernel-pae-base-3.0.38-0.5.1
      kernel-pae-devel-3.0.38-0.5.1
      kernel-pae-extra-3.0.38-0.5.1

   - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):

      ext4-writeable-kmp-default-0_3.0.38_0.5-0.14.18
      ext4-writeable-kmp-trace-0_3.0.38_0.5-0.14.18
      kernel-default-extra-3.0.38-0.5.1

   - SLE 11 SERVER Unsupported Extras (i586 x86_64):

      ext4-writeable-kmp-xen-0_3.0.38_0.5-0.14.18
      kernel-xen-extra-3.0.38-0.5.1

   - SLE 11 SERVER Unsupported Extras (ppc64):

      ext4-writeable-kmp-ppc64-0_3.0.38_0.5-0.14.18
      kernel-ppc64-extra-3.0.38-0.5.1

   - SLE 11 SERVER Unsupported Extras (i586):

      ext4-writeable-kmp-pae-0_3.0.38_0.5-0.14.18
      kernel-pae-extra-3.0.38-0.5.1


References:

   http://support.novell.com/security/cve/CVE-2012-3375.html
   http://support.novell.com/security/cve/CVE-2012-3400.html
   https://bugzilla.novell.com/705551
   https://bugzilla.novell.com/715635
   https://bugzilla.novell.com/718910
   https://bugzilla.novell.com/720946
   https://bugzilla.novell.com/738284
   https://bugzilla.novell.com/744314
   https://bugzilla.novell.com/744655
   https://bugzilla.novell.com/746509
   https://bugzilla.novell.com/749291
   https://bugzilla.novell.com/752352
   https://bugzilla.novell.com/753172
   https://bugzilla.novell.com/753353
   https://bugzilla.novell.com/754391
   https://bugzilla.novell.com/754690
   https://bugzilla.novell.com/755546
   https://bugzilla.novell.com/755620
   https://bugzilla.novell.com/756276
   https://bugzilla.novell.com/756585
   https://bugzilla.novell.com/757059
   https://bugzilla.novell.com/758703
   https://bugzilla.novell.com/761775
   https://bugzilla.novell.com/762366
   https://bugzilla.novell.com/762414
   https://bugzilla.novell.com/762991
   https://bugzilla.novell.com/763026
   https://bugzilla.novell.com/763754
   https://bugzilla.novell.com/763968
   https://bugzilla.novell.com/764339
   https://bugzilla.novell.com/766027
   https://bugzilla.novell.com/766445
   https://bugzilla.novell.com/766733
   https://bugzilla.novell.com/767281
   https://bugzilla.novell.com/767469
   https://bugzilla.novell.com/767684
   https://bugzilla.novell.com/767983
   https://bugzilla.novell.com/768052
   https://bugzilla.novell.com/768084
   https://bugzilla.novell.com/768470
   https://bugzilla.novell.com/768632
   https://bugzilla.novell.com/769407
   https://bugzilla.novell.com/769685
   https://bugzilla.novell.com/769784
   https://bugzilla.novell.com/769896
   https://bugzilla.novell.com/770034
   https://bugzilla.novell.com/770238
   https://bugzilla.novell.com/770269
   https://bugzilla.novell.com/771102
   https://bugzilla.novell.com/771242
   https://bugzilla.novell.com/771361
   https://bugzilla.novell.com/771398
   https://bugzilla.novell.com/771428
   https://bugzilla.novell.com/771619
   https://bugzilla.novell.com/771778
   https://bugzilla.novell.com/772407
   https://bugzilla.novell.com/772420
   https://bugzilla.novell.com/772566
   https://bugzilla.novell.com/772831
   https://bugzilla.novell.com/772893
   https://bugzilla.novell.com/773006
   https://bugzilla.novell.com/773251
   https://bugzilla.novell.com/773406
   https://bugzilla.novell.com/773606
   https://bugzilla.novell.com/773878
   https://bugzilla.novell.com/774285
   http://download.novell.com/patch/finder/?keywords=054eeda84fdfd467b6042cd0666936fd
   http://download.novell.com/patch/finder/?keywords=2562f1c04f34ffe16e03bb259c3fa59a
   http://download.novell.com/patch/finder/?keywords=2e3d7b7adbbcb9354016e7500008d6eb
   http://download.novell.com/patch/finder/?keywords=3ce131c8ad30c9e67989bec045d25f70
   http://download.novell.com/patch/finder/?keywords=43c40bbec3b6fa96e53f65b5bd05bf22
   http://download.novell.com/patch/finder/?keywords=49f71b35667d16346304bfe7962c6acf
   http://download.novell.com/patch/finder/?keywords=7cf89a4bc5bc5fe5716772ac7b65fe44
   http://download.novell.com/patch/finder/?keywords=8ff740aad979794678ee74633038b97d
   http://download.novell.com/patch/finder/?keywords=9562bd6b9a1b5af7a6b07b9b3d121e2f
   http://download.novell.com/patch/finder/?keywords=aa508382c1b93d4d802d37d9ad3ac5b6



More information about the sle-security-updates mailing list