SUSE-SU-2014:0140-1: moderate: Security update for Linux kernel
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Jan 27 09:05:06 MST 2014
SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0140-1
Rating: moderate
References: #708296 #769644 #787843 #789359 #798050 #806988
#807434 #810323 #813245 #818545 #819979 #820102
#820338 #821980 #823618 #825696 #825896 #826602
#826756 #827767 #828236 #831168 #834473 #834708
#834808 #835074 #835186 #836718 #837739 #838623
#839407 #840226 #841445 #842239 #843419 #843429
#843445 #843642 #843645 #845621 #845729 #846036
#846984 #847261 #848321 #848336 #848544 #848652
#849021 #849029 #849034 #849404 #849675 #849809
#849848 #849950 #850640 #851066 #851101 #851314
#852373 #852558 #852559 #852624 #853050 #853051
#853052 #854546 #854634 #854722 #855037
Cross-References: CVE-2013-4345 CVE-2013-4483 CVE-2013-4511
CVE-2013-4514 CVE-2013-4515 CVE-2013-4587
CVE-2013-4592 CVE-2013-6367 CVE-2013-6368
CVE-2013-6378 CVE-2013-6380 CVE-2013-6383
CVE-2013-6463 CVE-2013-7027
Affected Products:
SUSE Linux Enterprise Server 11 SP2 for VMware
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise High Availability Extension 11 SP2
SUSE Linux Enterprise Desktop 11 SP2
SLE 11 SERVER Unsupported Extras
______________________________________________________________________________
An update that solves 14 vulnerabilities and has 57 fixes
is now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 Service Pack 2 kernel was
updated to 3.0.101 and also includes various other bug and
security fixes.
A new feature was added:
* supported.conf: marked net/netfilter/xt_set as
supported (bnc#851066)(fate#313309)
The following security bugs have been fixed:
*
CVE-2013-4587: Array index error in the
kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in
the KVM subsystem in the Linux kernel through 3.12.5 allows
local users to gain privileges via a large id value.
(bnc#853050)
*
CVE-2013-6368: The KVM subsystem in the Linux kernel
through 3.12.5 allows local users to gain privileges or
cause a denial of service (system crash) via a VAPIC
synchronization operation involving a page-end address.
(bnc#853052)
*
CVE-2013-6367: The apic_get_tmcct function in
arch/x86/kvm/lapic.c in the KVM subsystem in the Linux
kernel through 3.12.5 allows guest OS users to cause a
denial of service (divide-by-zero error and host OS crash)
via crafted modifications of the TMICT value. (bnc#853051)
*
CVE-2013-4592: Memory leak in the
__kvm_set_memory_region function in virt/kvm/kvm_main.c in
the Linux kernel before 3.9 allows local users to cause a
denial of service (memory consumption) by leveraging
certain device access to trigger movement of memory slots.
(bnc#851101)
*
CVE-2013-6378: The lbs_debugfs_write function in
drivers/net/wireless/libertas/debugfs.c in the Linux kernel
through 3.12.1 allows local users to cause a denial of
service (OOPS) by leveraging root privileges for a
zero-length write operation. (bnc#852559)
*
CVE-2013-4514: Multiple buffer overflows in
drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel
before 3.12 allow local users to cause a denial of service
or possibly have unspecified other impact by leveraging the
CAP_NET_ADMIN capability and providing a long station-name
string, related to the (1) wvlan_uil_put_info and (2)
wvlan_set_station_nickname functions. (bnc#849029)
*
CVE-2013-4515: The bcm_char_ioctl function in
drivers/staging/bcm/Bcmchar.c in the Linux kernel before
3.12 does not initialize a certain data structure, which
allows local users to obtain sensitive information from
kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl
call. (bnc#849034)
*
CVE-2013-7027: The ieee80211_radiotap_iterator_init
function in net/wireless/radiotap.c in the Linux kernel
before 3.11.7 does not check whether a frame contains any
data outside of the header, which might allow attackers to
cause a denial of service (buffer over-read) via a crafted
header. (bnc#854634)
*
CVE-2013-4483: The ipc_rcu_putref function in
ipc/util.c in the Linux kernel before 3.10 does not
properly manage a reference count, which allows local users
to cause a denial of service (memory consumption or system
crash) via a crafted application. (bnc#848321)
*
CVE-2013-4511: Multiple integer overflows in Alchemy
LCD frame-buffer drivers in the Linux kernel before 3.12
allow local users to create a read-write memory mapping for
the entirety of kernel memory, and consequently gain
privileges, via crafted mmap operations, related to the (1)
au1100fb_fb_mmap function in drivers/video/au1100fb.c and
the (2) au1200fb_fb_mmap function in
drivers/video/au1200fb.c. (bnc#849021)
*
CVE-2013-6380: The aac_send_raw_srb function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel through
3.12.1 does not properly validate a certain size value,
which allows local users to cause a denial of service
(invalid pointer dereference) or possibly have unspecified
other impact via an FSACTL_SEND_RAW_SRB ioctl call that
triggers a crafted SRB command. (bnc#852373)
*
CVE-2013-6463: Linux kernel built with the networking
support(CONFIG_NET) is vulnerable to an information leakage
flaw in the socket layer. It could occur while doing
recvmsg(2), recvfrom(2) socket calls. It occurs due to
improperly initialised msg_name & msg_namelen message
header parameters. (bnc#854722)
*
CVE-2013-6383: The aac_compat_ioctl function in
drivers/scsi/aacraid/linit.c in the Linux kernel before
3.11.8 does not require the CAP_SYS_RAWIO capability, which
allows local users to bypass intended access restrictions
via a crafted ioctl call. (bnc#852558)
*
CVE-2013-4345: Off-by-one error in the get_prng_bytes
function in crypto/ansi_cprng.c in the Linux kernel through
3.11.4 makes it easier for context-dependent attackers to
defeat cryptographic protection mechanisms via multiple
requests for small amounts of data, leading to improper
management of the state of the consumed data. (bnc#840226)
Also the following non-security bugs have been fixed:
* kabi: protect bind_conflict callback in struct
inet_connection_sock_af_ops (bnc#823618).
* printk: forcibly flush nmi ringbuffer if oops is in
progress (bnc#849675).
* blktrace: Send BLK_TN_PROCESS events to all running
traces (bnc#838623).
* x86/dumpstack: Fix printk_address for direct
addresses (bnc#845621).
* futex: fix handling of read-only-mapped hugepages (VM
Functionality).
* random: fix accounting race condition with lockless
irq entropy_count update (bnc#789359).
* Provide realtime priority kthread and workqueue boot
options (bnc#836718).
* sched: Fix several races in CFS_BANDWIDTH
(bnc#848336).
* sched: Fix cfs_bandwidth misuse of
hrtimer_expires_remaining (bnc#848336).
* sched: Fix hrtimer_cancel()/rq->lock deadlock
(bnc#848336).
* sched: Fix race on toggling cfs_bandwidth_used
(bnc#848336).
* sched: Fix buglet in return_cfs_rq_runtime().
* sched: Guarantee new group-entities always have
weight (bnc#848336).
* sched: Use jump labels to reduce overhead when
bandwidth control is inactive (bnc#848336).
*
watchdog: Get rid of MODULE_ALIAS_MISCDEV statements
(bnc#827767).
*
tcp: bind() fix autoselection to share ports
(bnc#823618).
* tcp: bind() use stronger condition for bind_conflict
(bnc#823618).
* tcp: ipv6: bind() use stronger condition for
bind_conflict (bnc#823618).
* macvlan: disable LRO on lower device instead of
macvlan (bnc#846984).
* macvlan: introduce IFF_MACVLAN flag and helper
function (bnc#846984).
* macvlan: introduce macvlan_dev_real_dev() helper
function (bnc#846984).
* xen: netback: bump tx queue length (bnc#849404).
* xen: xen_spin_kick fixed crash/lock release
(bnc#807434)(bnc#848652).
* xen: fixed USB passthrough issue (bnc#852624).
* netxen: fix off by one bug in
netxen_release_tx_buffer() (bnc#845729).
* xfrm: invalidate dst on policy insertion/deletion
(bnc#842239).
*
xfrm: prevent ipcomp scratch buffer race condition
(bnc#842239).
*
crypto: Fix aes-xts parameter corruption (bnc#854546,
LTC#100718).
*
crypto: gf128mul - fix call to memset() (obvious fix).
*
autofs4: autofs4_wait() vs. autofs4_catatonic_mode()
race (bnc#851314).
* autofs4: catatonic_mode vs. notify_daemon race
(bnc#851314).
* autofs4: close the races around
autofs4_notify_daemon() (bnc#851314).
* autofs4: deal with autofs4_write/autofs4_write races
(bnc#851314).
* autofs4 - dont clear DCACHE_NEED_AUTOMOUNT on
rootless mount (bnc#851314).
* autofs4 - fix deal with autofs4_write races
(bnc#851314).
*
autofs4 - use simple_empty() for empty directory
check (bnc#851314).
*
blkdev_max_block: make private to fs/buffer.c
(bnc#820338).
*
Avoid softlockup in shrink_dcache_for_umount_subtree
(bnc#834473).
*
dlm: set zero linger time on sctp socket (bnc#787843).
* SUNRPC: Fix a data corruption issue when
retransmitting RPC calls (bnc#855037)
* nfs: Change NFSv4 to not recover locks after they are
lost (bnc#828236).
*
nfs: Adapt readdirplus to application usage patterns
(bnc#834708).
*
xfs: Account log unmount transaction correctly
(bnc#849950).
* xfs: improve ioend error handling (bnc#846036).
* xfs: reduce ioend latency (bnc#846036).
* xfs: use per-filesystem I/O completion workqueues
(bnc#846036).
*
xfs: Hide additional entries in struct xfs_mount
(bnc#846036 bnc#848544).
*
vfs: avoid "attempt to access beyond end of device"
warnings (bnc#820338).
*
vfs: fix O_DIRECT read past end of block device
(bnc#820338).
*
cifs: Improve performance of browsing directories
with several files (bnc#810323).
*
cifs: Ensure cifs directories do not show up as files
(bnc#826602).
*
sd: avoid deadlocks when running under multipath
(bnc#818545).
* sd: fix crash when UA received on DIF enabled device
(bnc#841445).
*
sg: fix blk_get_queue usage (bnc#834808).
*
block: factor out vector mergeable decision to a
helper function (bnc#769644).
*
block: modify __bio_add_page check to accept pages
that do not start a new segment (bnc#769644).
*
dm-multipath: abort all requests when failing a path
(bnc#798050).
* scsi: Add "eh_deadline" to limit SCSI EH runtime
(bnc#798050).
* scsi: Allow error handling timeout to be specified
(bnc#798050).
* scsi: Fixup compilation warning (bnc#798050).
* scsi: Retry failfast commands after EH (bnc#798050).
* scsi: Warn on invalid command completion (bnc#798050).
* scsi: kABI fixes (bnc#798050).
* scsi: remove check for "resetting" (bnc#798050).
* advansys: Remove "last_reset" references (bnc#798050).
* cleanup setting task state in scsi_error_handler()
(bnc#798050).
* dc395: Move "last_reset" into internal host structure
(bnc#798050).
* dpt_i2o: Remove DPTI_STATE_IOCTL (bnc#798050).
* dpt_i2o: return SCSI_MLQUEUE_HOST_BUSY when in reset
(bnc#798050).
*
tmscsim: Move "last_reset" into host structure
(bnc#798050).
*
scsi_dh: invoke callback if ->activate is not present
(bnc#708296).
* scsi_dh: return individual errors in
scsi_dh_activate() (bnc#708296).
* scsi_dh_alua: Decode EMC Clariion extended inquiry
(bnc#708296).
* scsi_dh_alua: Decode HP EVA array identifier
(bnc#708296).
* scsi_dh_alua: Evaluate state for all port groups
(bnc#708296).
* scsi_dh_alua: Fix missing close brace in
alua_check_sense (bnc#843642).
* scsi_dh_alua: Make stpg synchronous (bnc#708296).
* scsi_dh_alua: Pass buffer as function argument
(bnc#708296).
* scsi_dh_alua: Re-evaluate port group states after
STPG (bnc#708296).
* scsi_dh_alua: Recheck state on transitioning
(bnc#708296).
* scsi_dh_alua: Rework rtpg workqueue (bnc#708296).
* scsi_dh_alua: Use separate alua_port_group structure
(bnc#708296).
* scsi_dh_alua: Allow get_alua_data() to return NULL
(bnc#839407).
* scsi_dh_alua: asynchronous RTPG (bnc#708296).
* scsi_dh_alua: correctly terminate target port strings
(bnc#708296).
* scsi_dh_alua: defer I/O while workqueue item is
pending (bnc#708296).
* scsi_dh_alua: Do not attach to RAID or enclosure
devices (bnc#819979).
* scsi_dh_alua: Do not attach to well-known LUNs
(bnc#821980).
* scsi_dh_alua: fine-grained locking in
alua_rtpg_work() (bnc#708296).
* scsi_dh_alua: invalid state information for
"optimized" paths (bnc#843445).
* scsi_dh_alua: move RTPG to workqueue (bnc#708296).
* scsi_dh_alua: move "expiry" into PG structure
(bnc#708296).
* scsi_dh_alua: move some sense code handling into
generic code (bnc#813245).
* scsi_dh_alua: multipath failover fails with error 15
(bnc#825696).
* scsi_dh_alua: parse target device id (bnc#708296).
* scsi_dh_alua: protect accesses to struct
alua_port_group (bnc#708296).
* scsi_dh_alua: put sense buffer on stack (bnc#708296).
* scsi_dh_alua: reattaching device handler fails with
"Error 15" (bnc#843429).
* scsi_dh_alua: remove locking when checking state
(bnc#708296).
* scsi_dh_alua: remove stale variable (bnc#708296).
* scsi_dh_alua: retry RTPG on UNIT ATTENTION
(bnc#708296).
* scsi_dh_alua: retry command on "mode parameter
changed" sense code (bnc#843645).
* scsi_dh_alua: simplify alua_check_sense()
(bnc#843642).
* scsi_dh_alua: simplify state update (bnc#708296).
* scsi_dh_alua: use delayed_work (bnc#708296).
* scsi_dh_alua: use flag for RTPG extended header
(bnc#708296).
* scsi_dh_alua: use local buffer for VPD inquiry
(bnc#708296).
*
scsi_dh_alua: use spin_lock_irqsave for port group
(bnc#708296).
*
lpfc: Do not free original IOCB whenever ABTS fails
(bnc#806988).
* lpfc: Fix kernel warning on spinlock usage
(bnc#806988).
*
lpfc: Fixed system panic due to midlayer abort
(bnc#806988).
*
qla2xxx: Add module parameter to override the default
request queue size (bnc#826756).
*
qla2xxx: Module parameter "ql2xasynclogin"
(bnc#825896).
*
bna: do not register ndo_set_rx_mode callback
(bnc#847261).
* hv: handle more than just WS2008 in KVP negotiation
(bnc#850640).
*
drm: do not add inferred modes for monitors that do
not support them (bnc#849809).
*
pci/quirks: Modify reset method for Chelsio T4
(bnc#831168).
* pci: fix truncation of resource size to 32 bits
(bnc#843419).
* pci: pciehp: Retrieve link speed after link is
trained (bnc#820102).
* pci: Separate pci_bus_read_dev_vendor_id from
pci_scan_device (bnc#820102).
* pci: pciehp: replace unconditional sleep with config
space access check (bnc#820102).
* pci: pciehp: make check_link_active more helpful
(bnc#820102).
* pci: pciehp: Add pcie_wait_link_not_active()
(bnc#820102).
* pci: pciehp: Add Disable/enable link functions
(bnc#820102).
*
pci: pciehp: Disable/enable link during slot power
off/on (bnc#820102).
*
mlx4: allocate just enough pages instead of always 4
pages (bnc#835186 bnc#835074).
* mlx4: allow order-0 memory allocations in RX path
(bnc#835186 bnc#835074).
* net/mlx4: use one page fragment per incoming frame
(bnc#835186 bnc#835074).
*
qeth: request length checking in snmp ioctl
(bnc#849848, LTC#99511).
*
cio: add message for timeouts on internal I/O
(bnc#837739,LTC#97047).
* s390/cio: dont abort verification after missing irq
(bnc#837739,LTC#97047).
* s390/cio: skip broken paths (bnc#837739,LTC#97047).
* s390/cio: export vpm via sysfs (bnc#837739,LTC#97047).
* s390/cio: handle unknown pgroup state
(bnc#837739,LTC#97047).
Security Issue references:
* CVE-2013-4345
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4345
>
* CVE-2013-4483
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4483
>
* CVE-2013-4511
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4511
>
* CVE-2013-4514
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4514
>
* CVE-2013-4515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4515
>
* CVE-2013-4587
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4587
>
* CVE-2013-4592
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4592
>
* CVE-2013-6367
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6367
>
* CVE-2013-6368
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6368
>
* CVE-2013-6378
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6378
>
* CVE-2013-6380
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6380
>
* CVE-2013-6383
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6383
>
* CVE-2013-6463
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6463
>
* CVE-2013-7027
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7027
>
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP2 for VMware:
zypper in -t patch slessp2-kernel-8779 slessp2-kernel-8791
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp2-kernel-8779 slessp2-kernel-8780 slessp2-kernel-8781 slessp2-kernel-8791 slessp2-kernel-8792
- SUSE Linux Enterprise High Availability Extension 11 SP2:
zypper in -t patch sleshasp2-kernel-8779 sleshasp2-kernel-8780 sleshasp2-kernel-8781 sleshasp2-kernel-8791 sleshasp2-kernel-8792
- SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp2-kernel-8779 sledsp2-kernel-8791
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.7.15.1
kernel-default-base-3.0.101-0.7.15.1
kernel-default-devel-3.0.101-0.7.15.1
kernel-source-3.0.101-0.7.15.1
kernel-syms-3.0.101-0.7.15.1
kernel-trace-3.0.101-0.7.15.1
kernel-trace-base-3.0.101-0.7.15.1
kernel-trace-devel-3.0.101-0.7.15.1
kernel-xen-devel-3.0.101-0.7.15.1
xen-kmp-trace-4.1.6_04_3.0.101_0.7.15-0.5.12
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.7.15.1
kernel-pae-base-3.0.101-0.7.15.1
kernel-pae-devel-3.0.101-0.7.15.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.7.15.1
kernel-default-base-3.0.101-0.7.15.1
kernel-default-devel-3.0.101-0.7.15.1
kernel-source-3.0.101-0.7.15.1
kernel-syms-3.0.101-0.7.15.1
kernel-trace-3.0.101-0.7.15.1
kernel-trace-base-3.0.101-0.7.15.1
kernel-trace-devel-3.0.101-0.7.15.1
- SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.101]:
kernel-ec2-3.0.101-0.7.15.1
kernel-ec2-base-3.0.101-0.7.15.1
kernel-ec2-devel-3.0.101-0.7.15.1
kernel-xen-3.0.101-0.7.15.1
kernel-xen-base-3.0.101-0.7.15.1
kernel-xen-devel-3.0.101-0.7.15.1
xen-kmp-default-4.1.6_04_3.0.101_0.7.15-0.5.12
xen-kmp-trace-4.1.6_04_3.0.101_0.7.15-0.5.12
- SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.101]:
kernel-default-man-3.0.101-0.7.15.1
- SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.101]:
kernel-ppc64-3.0.101-0.7.15.1
kernel-ppc64-base-3.0.101-0.7.15.1
kernel-ppc64-devel-3.0.101-0.7.15.1
- SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.7.15.1
kernel-pae-base-3.0.101-0.7.15.1
kernel-pae-devel-3.0.101-0.7.15.1
xen-kmp-pae-4.1.6_04_3.0.101_0.7.15-0.5.12
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64):
cluster-network-kmp-default-1.4_3.0.101_0.7.15-2.18.79
cluster-network-kmp-trace-1.4_3.0.101_0.7.15-2.18.79
gfs2-kmp-default-2_3.0.101_0.7.15-0.7.107
gfs2-kmp-trace-2_3.0.101_0.7.15-0.7.107
ocfs2-kmp-default-1.6_3.0.101_0.7.15-0.11.78
ocfs2-kmp-trace-1.6_3.0.101_0.7.15-0.11.78
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64):
cluster-network-kmp-xen-1.4_3.0.101_0.7.15-2.18.79
gfs2-kmp-xen-2_3.0.101_0.7.15-0.7.107
ocfs2-kmp-xen-1.6_3.0.101_0.7.15-0.11.78
- SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64):
cluster-network-kmp-ppc64-1.4_3.0.101_0.7.15-2.18.79
gfs2-kmp-ppc64-2_3.0.101_0.7.15-0.7.107
ocfs2-kmp-ppc64-1.6_3.0.101_0.7.15-0.11.78
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586):
cluster-network-kmp-pae-1.4_3.0.101_0.7.15-2.18.79
gfs2-kmp-pae-2_3.0.101_0.7.15-0.7.107
ocfs2-kmp-pae-1.6_3.0.101_0.7.15-0.11.78
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.101]:
kernel-default-3.0.101-0.7.15.1
kernel-default-base-3.0.101-0.7.15.1
kernel-default-devel-3.0.101-0.7.15.1
kernel-default-extra-3.0.101-0.7.15.1
kernel-source-3.0.101-0.7.15.1
kernel-syms-3.0.101-0.7.15.1
kernel-trace-3.0.101-0.7.15.1
kernel-trace-base-3.0.101-0.7.15.1
kernel-trace-devel-3.0.101-0.7.15.1
kernel-trace-extra-3.0.101-0.7.15.1
kernel-xen-3.0.101-0.7.15.1
kernel-xen-base-3.0.101-0.7.15.1
kernel-xen-devel-3.0.101-0.7.15.1
kernel-xen-extra-3.0.101-0.7.15.1
xen-kmp-default-4.1.6_04_3.0.101_0.7.15-0.5.12
xen-kmp-trace-4.1.6_04_3.0.101_0.7.15-0.5.12
- SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.101]:
kernel-pae-3.0.101-0.7.15.1
kernel-pae-base-3.0.101-0.7.15.1
kernel-pae-devel-3.0.101-0.7.15.1
kernel-pae-extra-3.0.101-0.7.15.1
xen-kmp-pae-4.1.6_04_3.0.101_0.7.15-0.5.12
- SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):
ext4-writeable-kmp-default-0_3.0.101_0.7.15-0.14.88
ext4-writeable-kmp-trace-0_3.0.101_0.7.15-0.14.88
kernel-default-extra-3.0.101-0.7.15.1
- SLE 11 SERVER Unsupported Extras (i586 x86_64):
ext4-writeable-kmp-xen-0_3.0.101_0.7.15-0.14.88
kernel-xen-extra-3.0.101-0.7.15.1
- SLE 11 SERVER Unsupported Extras (ppc64):
ext4-writeable-kmp-ppc64-0_3.0.101_0.7.15-0.14.88
kernel-ppc64-extra-3.0.101-0.7.15.1
- SLE 11 SERVER Unsupported Extras (i586):
ext4-writeable-kmp-pae-0_3.0.101_0.7.15-0.14.88
kernel-pae-extra-3.0.101-0.7.15.1
References:
http://support.novell.com/security/cve/CVE-2013-4345.html
http://support.novell.com/security/cve/CVE-2013-4483.html
http://support.novell.com/security/cve/CVE-2013-4511.html
http://support.novell.com/security/cve/CVE-2013-4514.html
http://support.novell.com/security/cve/CVE-2013-4515.html
http://support.novell.com/security/cve/CVE-2013-4587.html
http://support.novell.com/security/cve/CVE-2013-4592.html
http://support.novell.com/security/cve/CVE-2013-6367.html
http://support.novell.com/security/cve/CVE-2013-6368.html
http://support.novell.com/security/cve/CVE-2013-6378.html
http://support.novell.com/security/cve/CVE-2013-6380.html
http://support.novell.com/security/cve/CVE-2013-6383.html
http://support.novell.com/security/cve/CVE-2013-6463.html
http://support.novell.com/security/cve/CVE-2013-7027.html
https://bugzilla.novell.com/708296
https://bugzilla.novell.com/769644
https://bugzilla.novell.com/787843
https://bugzilla.novell.com/789359
https://bugzilla.novell.com/798050
https://bugzilla.novell.com/806988
https://bugzilla.novell.com/807434
https://bugzilla.novell.com/810323
https://bugzilla.novell.com/813245
https://bugzilla.novell.com/818545
https://bugzilla.novell.com/819979
https://bugzilla.novell.com/820102
https://bugzilla.novell.com/820338
https://bugzilla.novell.com/821980
https://bugzilla.novell.com/823618
https://bugzilla.novell.com/825696
https://bugzilla.novell.com/825896
https://bugzilla.novell.com/826602
https://bugzilla.novell.com/826756
https://bugzilla.novell.com/827767
https://bugzilla.novell.com/828236
https://bugzilla.novell.com/831168
https://bugzilla.novell.com/834473
https://bugzilla.novell.com/834708
https://bugzilla.novell.com/834808
https://bugzilla.novell.com/835074
https://bugzilla.novell.com/835186
https://bugzilla.novell.com/836718
https://bugzilla.novell.com/837739
https://bugzilla.novell.com/838623
https://bugzilla.novell.com/839407
https://bugzilla.novell.com/840226
https://bugzilla.novell.com/841445
https://bugzilla.novell.com/842239
https://bugzilla.novell.com/843419
https://bugzilla.novell.com/843429
https://bugzilla.novell.com/843445
https://bugzilla.novell.com/843642
https://bugzilla.novell.com/843645
https://bugzilla.novell.com/845621
https://bugzilla.novell.com/845729
https://bugzilla.novell.com/846036
https://bugzilla.novell.com/846984
https://bugzilla.novell.com/847261
https://bugzilla.novell.com/848321
https://bugzilla.novell.com/848336
https://bugzilla.novell.com/848544
https://bugzilla.novell.com/848652
https://bugzilla.novell.com/849021
https://bugzilla.novell.com/849029
https://bugzilla.novell.com/849034
https://bugzilla.novell.com/849404
https://bugzilla.novell.com/849675
https://bugzilla.novell.com/849809
https://bugzilla.novell.com/849848
https://bugzilla.novell.com/849950
https://bugzilla.novell.com/850640
https://bugzilla.novell.com/851066
https://bugzilla.novell.com/851101
https://bugzilla.novell.com/851314
https://bugzilla.novell.com/852373
https://bugzilla.novell.com/852558
https://bugzilla.novell.com/852559
https://bugzilla.novell.com/852624
https://bugzilla.novell.com/853050
https://bugzilla.novell.com/853051
https://bugzilla.novell.com/853052
https://bugzilla.novell.com/854546
https://bugzilla.novell.com/854634
https://bugzilla.novell.com/854722
https://bugzilla.novell.com/855037
http://download.novell.com/patch/finder/?keywords=282330ca15c25c5d414afa797fd00055
http://download.novell.com/patch/finder/?keywords=3d92bf18525263d6502455d7bb30778d
http://download.novell.com/patch/finder/?keywords=457afa810386e3c89cbe7d34f2669ec6
http://download.novell.com/patch/finder/?keywords=67177844fdc4ad7928d0b72e827b1792
http://download.novell.com/patch/finder/?keywords=6d440d2c2b586181d099e77b38c3f10c
http://download.novell.com/patch/finder/?keywords=7e6471ccc2fab115e43fdd4825b2703d
http://download.novell.com/patch/finder/?keywords=8f7b9d1a1e950072493fafe9d3ce7b0b
http://download.novell.com/patch/finder/?keywords=96c8b378c86a8c1970d130e0ca6c215e
http://download.novell.com/patch/finder/?keywords=9a3c3a81214dce764b5a30eb1137ff05
http://download.novell.com/patch/finder/?keywords=a3c4d33c79469ac8a1f49845dce098d2
More information about the sle-security-updates
mailing list