From sle-security-updates at lists.suse.com Fri Apr 1 06:07:36 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 1 Apr 2016 14:07:36 +0200 (CEST) Subject: SUSE-SU-2016:0931-1: moderate: Security update for libvirt Message-ID: <20160401120736.8B796FF59@maintenance.suse.de> SUSE Security Update: Security update for libvirt ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0931-1 Rating: moderate References: #948516 #948686 #953110 #959094 #960305 #961173 Cross-References: CVE-2015-5313 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves one vulnerability and has 5 fixes is now available. Description: This update for libvirt fixes the following issues: Security issue: - CVE-2015-5313: directory directory traversal privilege escalation vulnerability. (bsc#953110) Bugs fixed: - bsc#960305: xenxs: support parsing and formatting vif bandwidth - bsc#961173: xen: use correct domctl version in domaininfolist union - bsc#959094: xen: Disable building xen-inotify subdriver. It is unmaintained and contains bugs that can cause client connection failures. - bsc#948686: qemu: Use PAUSED state for domains that are starting up - bsc#948516: Fix profile_status to distringuish between errors and unconfined domains. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libvirt-12487=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libvirt-12487=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-libvirt-12487=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libvirt-12487=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libvirt-devel-1.2.5-12.3 - SUSE Linux Enterprise Software Development Kit 11-SP4 (x86_64): libvirt-devel-32bit-1.2.5-12.3 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libvirt-1.2.5-12.3 libvirt-client-1.2.5-12.3 libvirt-doc-1.2.5-12.3 libvirt-lock-sanlock-1.2.5-12.3 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libvirt-client-32bit-1.2.5-12.3 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libvirt-1.2.5-12.3 libvirt-client-1.2.5-12.3 libvirt-doc-1.2.5-12.3 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libvirt-client-32bit-1.2.5-12.3 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libvirt-debuginfo-1.2.5-12.3 libvirt-debugsource-1.2.5-12.3 References: https://www.suse.com/security/cve/CVE-2015-5313.html https://bugzilla.suse.com/948516 https://bugzilla.suse.com/948686 https://bugzilla.suse.com/953110 https://bugzilla.suse.com/959094 https://bugzilla.suse.com/960305 https://bugzilla.suse.com/961173 From sle-security-updates at lists.suse.com Fri Apr 1 11:07:53 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 1 Apr 2016 19:07:53 +0200 (CEST) Subject: SUSE-SU-2016:0935-1: moderate: Security update for python-Pillow Message-ID: <20160401170753.1BCF5FF7C@maintenance.suse.de> SUSE Security Update: Security update for python-Pillow ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0935-1 Rating: moderate References: #965579 #965582 Cross-References: CVE-2016-0740 CVE-2016-0775 Affected Products: SUSE OpenStack Cloud 6 SUSE Enterprise Storage 2.1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for python-Pillow fixes the following security issues: * CVE-2016-0775: Fixed a buffer overflow in FliDecode.c causing a segfault when opening FLI files. (bsc#965582) * CVE-2016-0740: Fixed a buffer overflow in TiffDecode.c causing an arbitrary amount of memory to be overwritten when opening a specially crafted invalid TIFF file. (bsc#965579) * Fixed an integer overflow in Resample.c causing writes in the Python heap. * Fixed a buffer overflow in PcdDecode.c causing a segfault when opening PhotoCD files. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2016-539=1 - SUSE Enterprise Storage 2.1: zypper in -t patch SUSE-Storage-2.1-2016-539=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (x86_64): python-Pillow-2.7.0-3.1 python-Pillow-debuginfo-2.7.0-3.1 python-Pillow-debugsource-2.7.0-3.1 - SUSE Enterprise Storage 2.1 (x86_64): python-Pillow-2.7.0-3.1 python-Pillow-debuginfo-2.7.0-3.1 python-Pillow-debugsource-2.7.0-3.1 References: https://www.suse.com/security/cve/CVE-2016-0740.html https://www.suse.com/security/cve/CVE-2016-0775.html https://bugzilla.suse.com/965579 https://bugzilla.suse.com/965582 From sle-security-updates at lists.suse.com Fri Apr 1 12:07:46 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 1 Apr 2016 20:07:46 +0200 (CEST) Subject: SUSE-SU-2016:0936-1: moderate: Security update for quagga Message-ID: <20160401180746.361DAFF7B@maintenance.suse.de> SUSE Security Update: Security update for quagga ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0936-1 Rating: moderate References: #970952 Cross-References: CVE-2016-2342 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for quagga fixes the following security issue: - CVE-2016-2342: Quagga was extended the prefixlen check to ensure it is within the bound of the NLRI packet data and the on-stack prefix structure and the maximum size for the address family (bsc#970952). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-540=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-540=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-540=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-540=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): quagga-debuginfo-0.99.22.1-5.1 quagga-debugsource-0.99.22.1-5.1 quagga-devel-0.99.22.1-5.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): quagga-debuginfo-0.99.22.1-5.1 quagga-debugsource-0.99.22.1-5.1 quagga-devel-0.99.22.1-5.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): quagga-0.99.22.1-5.1 quagga-debuginfo-0.99.22.1-5.1 quagga-debugsource-0.99.22.1-5.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): quagga-0.99.22.1-5.1 quagga-debuginfo-0.99.22.1-5.1 quagga-debugsource-0.99.22.1-5.1 References: https://www.suse.com/security/cve/CVE-2016-2342.html https://bugzilla.suse.com/970952 From sle-security-updates at lists.suse.com Mon Apr 4 06:07:55 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 4 Apr 2016 14:07:55 +0200 (CEST) Subject: SUSE-SU-2016:0946-1: moderate: Security update for quagga Message-ID: <20160404120755.035F1FF91@maintenance.suse.de> SUSE Security Update: Security update for quagga ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0946-1 Rating: moderate References: #970952 Cross-References: CVE-2016-2342 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for quagga fixes the following security issue: - CVE-2016-2342: Quagga was extended the prefixlen check to ensure it is within the bound of the NLRI packet data and the on-stack prefix structure and the maximum size for the address family (bsc#970952). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-quagga-12489=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-quagga-12489=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-quagga-12489=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): quagga-devel-0.99.15-0.16.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): quagga-0.99.15-0.16.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): quagga-0.99.15-0.16.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): quagga-debuginfo-0.99.15-0.16.1 quagga-debugsource-0.99.15-0.16.1 References: https://www.suse.com/security/cve/CVE-2016-2342.html https://bugzilla.suse.com/970952 From sle-security-updates at lists.suse.com Tue Apr 5 08:08:31 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 5 Apr 2016 16:08:31 +0200 (CEST) Subject: SUSE-SU-2016:0953-1: Security update for quagga Message-ID: <20160405140831.EEB83FF81@maintenance.suse.de> SUSE Security Update: Security update for quagga ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0953-1 Rating: low References: #770619 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for quagga fixes one security issue: - bsc#770619: Disallow unprivileged users to enter config directory /etc/quagga (group: quagga, mode: 750) and read configuration files installed there (group: quagga, mode: 640). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-551=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-551=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-551=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-551=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): quagga-debuginfo-0.99.22.1-9.1 quagga-debugsource-0.99.22.1-9.1 quagga-devel-0.99.22.1-9.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): quagga-debuginfo-0.99.22.1-9.1 quagga-debugsource-0.99.22.1-9.1 quagga-devel-0.99.22.1-9.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): quagga-0.99.22.1-9.1 quagga-debuginfo-0.99.22.1-9.1 quagga-debugsource-0.99.22.1-9.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): quagga-0.99.22.1-9.1 quagga-debuginfo-0.99.22.1-9.1 quagga-debugsource-0.99.22.1-9.1 References: https://bugzilla.suse.com/770619 From sle-security-updates at lists.suse.com Tue Apr 5 08:08:55 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 5 Apr 2016 16:08:55 +0200 (CEST) Subject: SUSE-SU-2016:0954-1: Security update for quagga Message-ID: <20160405140855.E3753FF84@maintenance.suse.de> SUSE Security Update: Security update for quagga ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0954-1 Rating: low References: #770619 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for quagga fixes one security issue: - bsc#770619: Disallow unprivileged users to enter config directory /etc/quagga (group: quagga, mode: 750) and read configuration files installed there (group: quagga, mode: 640). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-quagga-12491=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-quagga-12491=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-quagga-12491=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): quagga-devel-0.99.15-0.21.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): quagga-0.99.15-0.21.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): quagga-0.99.15-0.21.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): quagga-debuginfo-0.99.15-0.21.1 quagga-debugsource-0.99.15-0.21.1 References: https://bugzilla.suse.com/770619 From sle-security-updates at lists.suse.com Tue Apr 5 09:07:57 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 5 Apr 2016 17:07:57 +0200 (CEST) Subject: SUSE-SU-2016:0955-1: important: Security update for xen Message-ID: <20160405150757.C8A85FFCD@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0955-1 Rating: important References: #864391 #864655 #864673 #864678 #864682 #864769 #864805 #864811 #877642 #897654 #901508 #902737 #924018 #928393 #945404 #945989 #954872 #956829 #957162 #957988 #958007 #958009 #958491 #958523 #958917 #959005 #959387 #959695 #959928 #960334 #960707 #960725 #960835 #960861 #960862 #961332 #961358 #961691 #962320 #963782 #963923 #964413 #965315 #965317 #967012 #967013 #967630 #967969 #969121 #969122 #969350 Cross-References: CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4533 CVE-2013-4534 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2014-0222 CVE-2014-3640 CVE-2014-3689 CVE-2014-7815 CVE-2014-9718 CVE-2015-1779 CVE-2015-5278 CVE-2015-6855 CVE-2015-7512 CVE-2015-7549 CVE-2015-8345 CVE-2015-8504 CVE-2015-8550 CVE-2015-8554 CVE-2015-8555 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2015-8817 CVE-2015-8818 CVE-2016-1568 CVE-2016-1570 CVE-2016-1571 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-2270 CVE-2016-2271 CVE-2016-2391 CVE-2016-2392 CVE-2016-2538 CVE-2016-2841 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 46 vulnerabilities and has 5 fixes is now available. Description: xen was updated to fix 47 security issues. These security issues were fixed: - CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers (bnc#864673). - CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c allowed remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image (bnc#864678). - CVE-2013-4530: Buffer overflow in hw/ssi/pl022.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image (bnc#864682). - CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image (bsc#864655). - CVE-2013-4534: Buffer overflow in hw/intc/openpic.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements (bsc#864811). - CVE-2013-4537: The ssi_sd_transfer function in hw/sd/ssi-sd.c allowed remote attackers to execute arbitrary code via a crafted arglen value in a savevm image (bsc#864391). - CVE-2013-4538: Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c allowed remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image (bsc#864769). - CVE-2013-4539: Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c might have allowed remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image (bsc#864805). - CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642). - CVE-2014-3640: The sosendto function in slirp/udp.c allowed local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket (bsc#897654). - CVE-2014-3689: The vmware-vga driver (hw/display/vmware_vga.c) allowed local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling (bsc#901508). - CVE-2014-7815: The set_pixel_format function in ui/vnc.c allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value (bsc#902737). - CVE-2014-9718: The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality had multiple interpretations of a function's return value, which allowed guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions (bsc#928393). - CVE-2015-1779: The VNC websocket frame decoder allowed remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section (bsc#924018). - CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989). - CVE-2015-6855: hw/ide/core.c did not properly restrict the commands accepted by an ATAPI device, which allowed guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash (bsc#945404). - CVE-2015-7512: Buffer overflow in the pcnet_receive function in hw/net/pcnet.c, when a guest NIC has a larger MTU, allowed remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet (bsc#957162). - CVE-2015-7549: pci: NULL pointer dereference issue (bsc#958917). - CVE-2015-8345: eepro100: infinite loop in processing command block list (bsc#956829). - CVE-2015-8504: VNC: floating point exception (bsc#958491). - CVE-2015-8550: Paravirtualized drivers were incautious about shared memory contents (XSA-155) (bsc#957988). - CVE-2015-8554: qemu-dm buffer overrun in MSI-X handling (XSA-164) (bsc#958007). - CVE-2015-8555: Information leak in legacy x86 FPU/XMM initialization (XSA-165) (bsc#958009). - CVE-2015-8558: Infinite loop in ehci_advance_state resulted in DoS (bsc#959005). - CVE-2015-8567: vmxnet3: host memory leakage (bsc#959387). - CVE-2015-8568: vmxnet3: host memory leakage (bsc#959387). - CVE-2015-8613: SCSI: stack based buffer overflow in megasas_ctrl_get_info (bsc#961358). - CVE-2015-8619: Stack based OOB write in hmp_sendkey routine (bsc#960334). - CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bsc#960725). - CVE-2015-8744: vmxnet3: Incorrect l2 header validation lead to a crash via assert(2) call (bsc#960835). - CVE-2015-8745: Reading IMR registers lead to a crash via assert(2) call (bsc#960707). - CVE-2015-8817: OOB access in address_space_rw lead to segmentation fault (I) (bsc#969121). - CVE-2015-8818: OOB access in address_space_rw lead to segmentation fault (II) (bsc#969122). - CVE-2016-1568: AHCI use-after-free vulnerability in aio port commands (bsc#961332). - CVE-2016-1570: The PV superpage functionality in arch/x86/mm.c allowed local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates (bsc#960861). - CVE-2016-1571: VMX: intercept issue with INVLPG on non-canonical address (XSA-168) (bsc#960862). - CVE-2016-1714: nvram: OOB r/w access in processing firmware configurations (bsc#961691). - CVE-2016-1922: NULL pointer dereference in vapic_write() (bsc#962320). - CVE-2016-1981: e1000 infinite loop in start_xmit and e1000_receive_iov routines (bsc#963782). - CVE-2016-2198: EHCI NULL pointer dereference in ehci_caps_write (bsc#964413). - CVE-2016-2270: Xen allowed local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings (bsc#965315). - CVE-2016-2271: VMX when using an Intel or Cyrix CPU, allowed local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP (bsc#965317). - CVE-2016-2391: usb: multiple eof_timers in ohci module lead to NULL pointer dereference (bsc#967013). - CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling (bsc#967012). - CVE-2016-2538: Integer overflow in remote NDIS control message handling (bsc#967969). - CVE-2016-2841: ne2000: Infinite loop in ne2000_receive (bsc#969350). - XSA-166: ioreq handling possibly susceptible to multiple read issue (bsc#958523). These non-security issues were fixed: - bsc#954872: script block-dmmd not working as expected - bsc#963923: domain weights not honored when sched-credit tslice is reduced - bsc#959695: Missing docs for xen - bsc#967630: Discrepancy in reported memory size with correction XSA-153 for xend - bsc#959928: When DomU is in state running xm domstate returned nothing Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-xen-12492=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xen-12492=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-xen-12492=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xen-12492=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): xen-devel-4.4.4_02-32.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): xen-kmp-default-4.4.4_02_3.0.101_68-32.1 xen-libs-4.4.4_02-32.1 xen-tools-domU-4.4.4_02-32.1 - SUSE Linux Enterprise Server 11-SP4 (x86_64): xen-4.4.4_02-32.1 xen-doc-html-4.4.4_02-32.1 xen-libs-32bit-4.4.4_02-32.1 xen-tools-4.4.4_02-32.1 - SUSE Linux Enterprise Server 11-SP4 (i586): xen-kmp-pae-4.4.4_02_3.0.101_68-32.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): xen-kmp-default-4.4.4_02_3.0.101_68-32.1 xen-libs-4.4.4_02-32.1 xen-tools-domU-4.4.4_02-32.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): xen-4.4.4_02-32.1 xen-doc-html-4.4.4_02-32.1 xen-libs-32bit-4.4.4_02-32.1 xen-tools-4.4.4_02-32.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586): xen-kmp-pae-4.4.4_02_3.0.101_68-32.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): xen-debuginfo-4.4.4_02-32.1 xen-debugsource-4.4.4_02-32.1 References: https://www.suse.com/security/cve/CVE-2013-4527.html https://www.suse.com/security/cve/CVE-2013-4529.html https://www.suse.com/security/cve/CVE-2013-4530.html https://www.suse.com/security/cve/CVE-2013-4533.html https://www.suse.com/security/cve/CVE-2013-4534.html https://www.suse.com/security/cve/CVE-2013-4537.html https://www.suse.com/security/cve/CVE-2013-4538.html https://www.suse.com/security/cve/CVE-2013-4539.html https://www.suse.com/security/cve/CVE-2014-0222.html https://www.suse.com/security/cve/CVE-2014-3640.html https://www.suse.com/security/cve/CVE-2014-3689.html https://www.suse.com/security/cve/CVE-2014-7815.html https://www.suse.com/security/cve/CVE-2014-9718.html https://www.suse.com/security/cve/CVE-2015-1779.html https://www.suse.com/security/cve/CVE-2015-5278.html https://www.suse.com/security/cve/CVE-2015-6855.html https://www.suse.com/security/cve/CVE-2015-7512.html https://www.suse.com/security/cve/CVE-2015-7549.html https://www.suse.com/security/cve/CVE-2015-8345.html https://www.suse.com/security/cve/CVE-2015-8504.html https://www.suse.com/security/cve/CVE-2015-8550.html https://www.suse.com/security/cve/CVE-2015-8554.html https://www.suse.com/security/cve/CVE-2015-8555.html https://www.suse.com/security/cve/CVE-2015-8558.html https://www.suse.com/security/cve/CVE-2015-8567.html https://www.suse.com/security/cve/CVE-2015-8568.html https://www.suse.com/security/cve/CVE-2015-8613.html https://www.suse.com/security/cve/CVE-2015-8619.html https://www.suse.com/security/cve/CVE-2015-8743.html https://www.suse.com/security/cve/CVE-2015-8744.html https://www.suse.com/security/cve/CVE-2015-8745.html https://www.suse.com/security/cve/CVE-2015-8817.html https://www.suse.com/security/cve/CVE-2015-8818.html https://www.suse.com/security/cve/CVE-2016-1568.html https://www.suse.com/security/cve/CVE-2016-1570.html https://www.suse.com/security/cve/CVE-2016-1571.html https://www.suse.com/security/cve/CVE-2016-1714.html https://www.suse.com/security/cve/CVE-2016-1922.html https://www.suse.com/security/cve/CVE-2016-1981.html https://www.suse.com/security/cve/CVE-2016-2198.html https://www.suse.com/security/cve/CVE-2016-2270.html https://www.suse.com/security/cve/CVE-2016-2271.html https://www.suse.com/security/cve/CVE-2016-2391.html https://www.suse.com/security/cve/CVE-2016-2392.html https://www.suse.com/security/cve/CVE-2016-2538.html https://www.suse.com/security/cve/CVE-2016-2841.html https://bugzilla.suse.com/864391 https://bugzilla.suse.com/864655 https://bugzilla.suse.com/864673 https://bugzilla.suse.com/864678 https://bugzilla.suse.com/864682 https://bugzilla.suse.com/864769 https://bugzilla.suse.com/864805 https://bugzilla.suse.com/864811 https://bugzilla.suse.com/877642 https://bugzilla.suse.com/897654 https://bugzilla.suse.com/901508 https://bugzilla.suse.com/902737 https://bugzilla.suse.com/924018 https://bugzilla.suse.com/928393 https://bugzilla.suse.com/945404 https://bugzilla.suse.com/945989 https://bugzilla.suse.com/954872 https://bugzilla.suse.com/956829 https://bugzilla.suse.com/957162 https://bugzilla.suse.com/957988 https://bugzilla.suse.com/958007 https://bugzilla.suse.com/958009 https://bugzilla.suse.com/958491 https://bugzilla.suse.com/958523 https://bugzilla.suse.com/958917 https://bugzilla.suse.com/959005 https://bugzilla.suse.com/959387 https://bugzilla.suse.com/959695 https://bugzilla.suse.com/959928 https://bugzilla.suse.com/960334 https://bugzilla.suse.com/960707 https://bugzilla.suse.com/960725 https://bugzilla.suse.com/960835 https://bugzilla.suse.com/960861 https://bugzilla.suse.com/960862 https://bugzilla.suse.com/961332 https://bugzilla.suse.com/961358 https://bugzilla.suse.com/961691 https://bugzilla.suse.com/962320 https://bugzilla.suse.com/963782 https://bugzilla.suse.com/963923 https://bugzilla.suse.com/964413 https://bugzilla.suse.com/965315 https://bugzilla.suse.com/965317 https://bugzilla.suse.com/967012 https://bugzilla.suse.com/967013 https://bugzilla.suse.com/967630 https://bugzilla.suse.com/967969 https://bugzilla.suse.com/969121 https://bugzilla.suse.com/969122 https://bugzilla.suse.com/969350 From sle-security-updates at lists.suse.com Tue Apr 5 10:07:48 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 5 Apr 2016 18:07:48 +0200 (CEST) Subject: SUSE-SU-2016:0956-1: important: Security update for java-1_7_0-openjdk Message-ID: <20160405160748.5B7A0FFCE@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0956-1 Rating: important References: #972468 Cross-References: CVE-2016-0636 Affected Products: SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The OpenJDK Java java-1_7_0-openjdk was updated to 2.6.5 to fix the following issues: Update to 2.6.5 - OpenJDK 7u99 (bsc#972468) * Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency, which could be used by attackers to inject code. * Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remote connector - S6961123: setWMClass fails to null-terminate WM_CLASS string - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses * Backports - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell * Bug fixes - PR2803: Make system CUPS optional - PR2886: Location of 'stap' executable is hard-coded - PR2893: test/tapset/jstaptest.pl should be executable - PR2894: Add missing test directory in make check. * CACAO - PR2781, CA195: typeinfo.cpp: typeinfo_merge_nonarrays: Assertion `dest && result && x.any && y.any' failed * AArch64 port - PR2852: Add support for large code cache - PR2852: Apply ReservedCodeCacheSize default limiting to AArch64 only. - S8081289, PR2852: aarch64: add support for RewriteFrequentPairs in interpreter - S8131483, PR2852: aarch64: illegal stlxr instructions - S8133352, PR2852: aarch64: generates constrained unpredictable instructions - S8133842, PR2852: aarch64: C2 generates illegal instructions with int shifts >=32 - S8134322, PR2852: AArch64: Fix several errors in C2 biased locking implementation - S8136615, PR2852: aarch64: elide DecodeN when followed by CmpP 0 - S8138575, PR2852: Improve generated code for profile counters - S8138641, PR2852: Disable C2 peephole by default for aarch64 - S8138966, PR2852: Intermittent SEGV running ParallelGC - S8143067, PR2852: aarch64: guarantee failure in javac - S8143285, PR2852: aarch64: Missing load acquire when checking if ConstantPoolCacheEntry is resolved - S8143584, PR2852: Load constant pool tag and class status with load acquire - S8144201, PR2852: aarch64: jdk/test/com/sun/net/httpserver/Test6a.java fails with --enable-unlimited-crypto - S8144582, PR2852: AArch64 does not generate correct branch profile data - S8146709, PR2852: AArch64: Incorrect use of ADRP for byte_map_base - S8147805, PR2852: aarch64: C1 segmentation fault due to inline Unsafe.getAndSetObject - S8148240, PR2852: aarch64: random infrequent null pointer exceptions in javac * PPC & AIX port - S8034797, PR2851: AIX: Fix os::naked_short_sleep() in os_aix.cpp after 8028280 - S8139258, PR2851: PPC64LE: argument passing problem when passing 15 floats in native call - S8139421, PR2851: PPC64LE: MacroAssembler::bxx64_patchable kill register R12 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-java-1_7_0-openjdk-12493=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-java-1_7_0-openjdk-12493=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): java-1_7_0-openjdk-1.7.0.99-0.20.2 java-1_7_0-openjdk-demo-1.7.0.99-0.20.2 java-1_7_0-openjdk-devel-1.7.0.99-0.20.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): java-1_7_0-openjdk-debuginfo-1.7.0.99-0.20.2 java-1_7_0-openjdk-debugsource-1.7.0.99-0.20.2 References: https://www.suse.com/security/cve/CVE-2016-0636.html https://bugzilla.suse.com/972468 From sle-security-updates at lists.suse.com Tue Apr 5 10:08:06 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 5 Apr 2016 18:08:06 +0200 (CEST) Subject: SUSE-SU-2016:0957-1: important: Security update for java-1_8_0-openjdk Message-ID: <20160405160806.34F9CFFCA@maintenance.suse.de> SUSE Security Update: Security update for java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0957-1 Rating: important References: #972468 Cross-References: CVE-2016-0636 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for java-1_8_0-openjdk to version jdk8u77-b03 fixes the following security issue: * CVE-2016-0636: Improve MethodHandle consistency, which had allowed attackers to execute code. (bsc#972468) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-555=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-555=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_8_0-openjdk-1.8.0.77-6.1 java-1_8_0-openjdk-debuginfo-1.8.0.77-6.1 java-1_8_0-openjdk-debugsource-1.8.0.77-6.1 java-1_8_0-openjdk-demo-1.8.0.77-6.1 java-1_8_0-openjdk-demo-debuginfo-1.8.0.77-6.1 java-1_8_0-openjdk-devel-1.8.0.77-6.1 java-1_8_0-openjdk-headless-1.8.0.77-6.1 java-1_8_0-openjdk-headless-debuginfo-1.8.0.77-6.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): java-1_8_0-openjdk-1.8.0.77-6.1 java-1_8_0-openjdk-debuginfo-1.8.0.77-6.1 java-1_8_0-openjdk-debugsource-1.8.0.77-6.1 java-1_8_0-openjdk-headless-1.8.0.77-6.1 java-1_8_0-openjdk-headless-debuginfo-1.8.0.77-6.1 References: https://www.suse.com/security/cve/CVE-2016-0636.html https://bugzilla.suse.com/972468 From sle-security-updates at lists.suse.com Tue Apr 5 10:08:41 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 5 Apr 2016 18:08:41 +0200 (CEST) Subject: SUSE-SU-2016:0959-1: important: Security update for java-1_7_0-openjdk Message-ID: <20160405160841.E796CFFCA@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0959-1 Rating: important References: #972468 Cross-References: CVE-2016-0636 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The OpenJDK Java java-1_7_0-openjdk was updated to 2.6.5 to fix the following issues: Update to 2.6.5 - OpenJDK 7u99 (bsc#972468) * Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency * Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remote connector - S6961123: setWMClass fails to null-terminate WM_CLASS string - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses * Backports - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell * Bug fixes - PR2803: Make system CUPS optional - PR2886: Location of 'stap' executable is hard-coded - PR2893: test/tapset/jstaptest.pl should be executable - PR2894: Add missing test directory in make check. * CACAO - PR2781, CA195: typeinfo.cpp: typeinfo_merge_nonarrays: Assertion `dest && result && x.any && y.any' failed * AArch64 port - PR2852: Add support for large code cache - PR2852: Apply ReservedCodeCacheSize default limiting to AArch64 only. - S8081289, PR2852: aarch64: add support for RewriteFrequentPairs in interpreter - S8131483, PR2852: aarch64: illegal stlxr instructions - S8133352, PR2852: aarch64: generates constrained unpredictable instructions - S8133842, PR2852: aarch64: C2 generates illegal instructions with int shifts >=32 - S8134322, PR2852: AArch64: Fix several errors in C2 biased locking implementation - S8136615, PR2852: aarch64: elide DecodeN when followed by CmpP 0 - S8138575, PR2852: Improve generated code for profile counters - S8138641, PR2852: Disable C2 peephole by default for aarch64 - S8138966, PR2852: Intermittent SEGV running ParallelGC - S8143067, PR2852: aarch64: guarantee failure in javac - S8143285, PR2852: aarch64: Missing load acquire when checking if ConstantPoolCacheEntry is resolved - S8143584, PR2852: Load constant pool tag and class status with load acquire - S8144201, PR2852: aarch64: jdk/test/com/sun/net/httpserver/Test6a.java fails with --enable-unlimited-crypto - S8144582, PR2852: AArch64 does not generate correct branch profile data - S8146709, PR2852: AArch64: Incorrect use of ADRP for byte_map_base - S8147805, PR2852: aarch64: C1 segmentation fault due to inline Unsafe.getAndSetObject - S8148240, PR2852: aarch64: random infrequent null pointer exceptions in javac * PPC & AIX port - S8034797, PR2851: AIX: Fix os::naked_short_sleep() in os_aix.cpp after 8028280 - S8139258, PR2851: PPC64LE: argument passing problem when passing 15 floats in native call - S8139421, PR2851: PPC64LE: MacroAssembler::bxx64_patchable kill register R12 Update to 2.6.5 - OpenJDK 7u99 (bsc#972468) * Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency * Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remote connector - S6961123: setWMClass fails to null-terminate WM_CLASS string - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses * Backports - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell * Bug fixes - PR2803: Make system CUPS optional - PR2886: Location of 'stap' executable is hard-coded - PR2893: test/tapset/jstaptest.pl should be executable - PR2894: Add missing test directory in make check. * CACAO - PR2781, CA195: typeinfo.cpp: typeinfo_merge_nonarrays: Assertion `dest && result && x.any && y.any' failed * AArch64 port - PR2852: Add support for large code cache - PR2852: Apply ReservedCodeCacheSize default limiting to AArch64 only. - S8081289, PR2852: aarch64: add support for RewriteFrequentPairs in interpreter - S8131483, PR2852: aarch64: illegal stlxr instructions - S8133352, PR2852: aarch64: generates constrained unpredictable instructions - S8133842, PR2852: aarch64: C2 generates illegal instructions with int shifts >=32 - S8134322, PR2852: AArch64: Fix several errors in C2 biased locking implementation - S8136615, PR2852: aarch64: elide DecodeN when followed by CmpP 0 - S8138575, PR2852: Improve generated code for profile counters - S8138641, PR2852: Disable C2 peephole by default for aarch64 - S8138966, PR2852: Intermittent SEGV running ParallelGC - S8143067, PR2852: aarch64: guarantee failure in javac - S8143285, PR2852: aarch64: Missing load acquire when checking if ConstantPoolCacheEntry is resolved - S8143584, PR2852: Load constant pool tag and class status with load acquire - S8144201, PR2852: aarch64: jdk/test/com/sun/net/httpserver/Test6a.java fails with --enable-unlimited-crypto - S8144582, PR2852: AArch64 does not generate correct branch profile data - S8146709, PR2852: AArch64: Incorrect use of ADRP for byte_map_base - S8147805, PR2852: aarch64: C1 segmentation fault due to inline Unsafe.getAndSetObject - S8148240, PR2852: aarch64: random infrequent null pointer exceptions in javac * PPC & AIX port - S8034797, PR2851: AIX: Fix os::naked_short_sleep() in os_aix.cpp after 8028280 - S8139258, PR2851: PPC64LE: argument passing problem when passing 15 floats in native call - S8139421, PR2851: PPC64LE: MacroAssembler::bxx64_patchable kill register R12 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-556=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-556=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-556=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-556=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_7_0-openjdk-1.7.0.99-27.1 java-1_7_0-openjdk-debuginfo-1.7.0.99-27.1 java-1_7_0-openjdk-debugsource-1.7.0.99-27.1 java-1_7_0-openjdk-demo-1.7.0.99-27.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.99-27.1 java-1_7_0-openjdk-devel-1.7.0.99-27.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.99-27.1 java-1_7_0-openjdk-headless-1.7.0.99-27.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.99-27.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): java-1_7_0-openjdk-1.7.0.99-27.1 java-1_7_0-openjdk-debuginfo-1.7.0.99-27.1 java-1_7_0-openjdk-debugsource-1.7.0.99-27.1 java-1_7_0-openjdk-demo-1.7.0.99-27.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.99-27.1 java-1_7_0-openjdk-devel-1.7.0.99-27.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.99-27.1 java-1_7_0-openjdk-headless-1.7.0.99-27.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.99-27.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): java-1_7_0-openjdk-1.7.0.99-27.1 java-1_7_0-openjdk-debuginfo-1.7.0.99-27.1 java-1_7_0-openjdk-debugsource-1.7.0.99-27.1 java-1_7_0-openjdk-headless-1.7.0.99-27.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.99-27.1 - SUSE Linux Enterprise Desktop 12 (x86_64): java-1_7_0-openjdk-1.7.0.99-27.1 java-1_7_0-openjdk-debuginfo-1.7.0.99-27.1 java-1_7_0-openjdk-debugsource-1.7.0.99-27.1 java-1_7_0-openjdk-headless-1.7.0.99-27.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.99-27.1 References: https://www.suse.com/security/cve/CVE-2016-0636.html https://bugzilla.suse.com/972468 From sle-security-updates at lists.suse.com Wed Apr 6 12:07:55 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 6 Apr 2016 20:07:55 +0200 (CEST) Subject: SUSE-SU-2016:0963-1: moderate: Security update for gcc5 Message-ID: <20160406180755.2824AFF58@maintenance.suse.de> SUSE Security Update: Security update for gcc5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0963-1 Rating: moderate References: #939460 #945842 #952151 #953831 #954002 #955382 #962765 #964468 #966220 #968771 Cross-References: CVE-2015-5276 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves one vulnerability and has 9 fixes is now available. Description: The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements. The following security issue has been fixed: - Fix C++11 std::random_device short read issue that could lead to predictable randomness. (CVE-2015-5276, bsc#945842) The following non-security issues have been fixed: - Enable frame pointer for TARGET_64BIT_MS_ABI when stack is misaligned. Fixes internal compiler error when building Wine. (bsc#966220) - Fix a PowerPC specific issue in gcc-go that broke compilation of newer versions of Docker. (bsc#964468) - Fix HTM built-ins on PowerPC. (bsc#955382) - Fix libgo certificate lookup. (bsc#953831) - Suppress deprecated-declarations warnings for inline definitions of deprecated virtual methods. (bsc#939460) - Build s390[x] with "--with-tune=z9-109 --with-arch=z900" on SLE11 again. (bsc#954002) - Revert accidental libffi ABI breakage on aarch64. (bsc#968771) - On x86_64, set default 32bit code generation to -march=x86-64 rather than -march=i586. - Add experimental File System TS library. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-565=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-565=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-565=1 - SUSE Linux Enterprise Module for Toolchain 12: zypper in -t patch SUSE-SLE-Module-Toolchain-12-2016-565=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-565=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-565=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (s390x x86_64): gcc5-debugsource-5.3.1+r233831-9.1 libgfortran3-32bit-5.3.1+r233831-9.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (x86_64): libquadmath0-32bit-5.3.1+r233831-9.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): gcc5-debuginfo-5.3.1+r233831-9.1 gcc5-debugsource-5.3.1+r233831-9.1 libatomic1-5.3.1+r233831-9.1 libatomic1-debuginfo-5.3.1+r233831-9.1 libffi-gcc5-debugsource-5.3.1+r233831-9.1 libffi4-5.3.1+r233831-9.1 libffi4-debuginfo-5.3.1+r233831-9.1 libgcc_s1-5.3.1+r233831-9.1 libgcc_s1-debuginfo-5.3.1+r233831-9.1 libgfortran3-5.3.1+r233831-9.1 libgfortran3-debuginfo-5.3.1+r233831-9.1 libgomp1-5.3.1+r233831-9.1 libgomp1-debuginfo-5.3.1+r233831-9.1 libitm1-5.3.1+r233831-9.1 libitm1-debuginfo-5.3.1+r233831-9.1 libstdc++6-5.3.1+r233831-9.1 libstdc++6-debuginfo-5.3.1+r233831-9.1 libstdc++6-locale-5.3.1+r233831-9.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le x86_64): libasan2-5.3.1+r233831-9.1 libasan2-debuginfo-5.3.1+r233831-9.1 libubsan0-5.3.1+r233831-9.1 libubsan0-debuginfo-5.3.1+r233831-9.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libatomic1-32bit-5.3.1+r233831-9.1 libffi4-32bit-5.3.1+r233831-9.1 libgcc_s1-32bit-5.3.1+r233831-9.1 libgfortran3-32bit-5.3.1+r233831-9.1 libgomp1-32bit-5.3.1+r233831-9.1 libitm1-32bit-5.3.1+r233831-9.1 libstdc++6-32bit-5.3.1+r233831-9.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): libasan2-32bit-5.3.1+r233831-9.1 libcilkrts5-32bit-5.3.1+r233831-9.1 libcilkrts5-5.3.1+r233831-9.1 libcilkrts5-debuginfo-5.3.1+r233831-9.1 liblsan0-5.3.1+r233831-9.1 liblsan0-debuginfo-5.3.1+r233831-9.1 libmpx0-32bit-5.3.1+r233831-9.1 libmpx0-5.3.1+r233831-9.1 libmpx0-debuginfo-5.3.1+r233831-9.1 libmpxwrappers0-32bit-5.3.1+r233831-9.1 libmpxwrappers0-5.3.1+r233831-9.1 libmpxwrappers0-debuginfo-5.3.1+r233831-9.1 libquadmath0-32bit-5.3.1+r233831-9.1 libquadmath0-5.3.1+r233831-9.1 libquadmath0-debuginfo-5.3.1+r233831-9.1 libtsan0-5.3.1+r233831-9.1 libtsan0-debuginfo-5.3.1+r233831-9.1 libubsan0-32bit-5.3.1+r233831-9.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): gcc5-debugsource-5.3.1+r233831-9.1 libatomic1-5.3.1+r233831-9.1 libatomic1-debuginfo-5.3.1+r233831-9.1 libffi-gcc5-debugsource-5.3.1+r233831-9.1 libffi4-5.3.1+r233831-9.1 libffi4-debuginfo-5.3.1+r233831-9.1 libgcc_s1-5.3.1+r233831-9.1 libgcc_s1-debuginfo-5.3.1+r233831-9.1 libgfortran3-5.3.1+r233831-9.1 libgfortran3-debuginfo-5.3.1+r233831-9.1 libgomp1-5.3.1+r233831-9.1 libgomp1-debuginfo-5.3.1+r233831-9.1 libitm1-5.3.1+r233831-9.1 libitm1-debuginfo-5.3.1+r233831-9.1 libstdc++6-5.3.1+r233831-9.1 libstdc++6-debuginfo-5.3.1+r233831-9.1 libstdc++6-locale-5.3.1+r233831-9.1 - SUSE Linux Enterprise Server 12 (ppc64le x86_64): libasan2-5.3.1+r233831-9.1 libasan2-debuginfo-5.3.1+r233831-9.1 libubsan0-5.3.1+r233831-9.1 libubsan0-debuginfo-5.3.1+r233831-9.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libatomic1-32bit-5.3.1+r233831-9.1 libatomic1-32bit-debuginfo-5.3.1+r233831-9.1 libffi4-32bit-5.3.1+r233831-9.1 libgcc_s1-32bit-5.3.1+r233831-9.1 libgcc_s1-32bit-debuginfo-5.3.1+r233831-9.1 libgfortran3-32bit-5.3.1+r233831-9.1 libgfortran3-32bit-debuginfo-5.3.1+r233831-9.1 libgomp1-32bit-5.3.1+r233831-9.1 libgomp1-32bit-debuginfo-5.3.1+r233831-9.1 libitm1-32bit-5.3.1+r233831-9.1 libitm1-32bit-debuginfo-5.3.1+r233831-9.1 libstdc++6-32bit-5.3.1+r233831-9.1 libstdc++6-32bit-debuginfo-5.3.1+r233831-9.1 - SUSE Linux Enterprise Server 12 (x86_64): libasan2-32bit-5.3.1+r233831-9.1 libasan2-32bit-debuginfo-5.3.1+r233831-9.1 libcilkrts5-32bit-5.3.1+r233831-9.1 libcilkrts5-32bit-debuginfo-5.3.1+r233831-9.1 libcilkrts5-5.3.1+r233831-9.1 libcilkrts5-debuginfo-5.3.1+r233831-9.1 liblsan0-5.3.1+r233831-9.1 liblsan0-debuginfo-5.3.1+r233831-9.1 libmpx0-32bit-5.3.1+r233831-9.1 libmpx0-32bit-debuginfo-5.3.1+r233831-9.1 libmpx0-5.3.1+r233831-9.1 libmpx0-debuginfo-5.3.1+r233831-9.1 libmpxwrappers0-32bit-5.3.1+r233831-9.1 libmpxwrappers0-32bit-debuginfo-5.3.1+r233831-9.1 libmpxwrappers0-5.3.1+r233831-9.1 libmpxwrappers0-debuginfo-5.3.1+r233831-9.1 libquadmath0-32bit-5.3.1+r233831-9.1 libquadmath0-32bit-debuginfo-5.3.1+r233831-9.1 libquadmath0-5.3.1+r233831-9.1 libquadmath0-debuginfo-5.3.1+r233831-9.1 libtsan0-5.3.1+r233831-9.1 libtsan0-debuginfo-5.3.1+r233831-9.1 libubsan0-32bit-5.3.1+r233831-9.1 libubsan0-32bit-debuginfo-5.3.1+r233831-9.1 - SUSE Linux Enterprise Module for Toolchain 12 (ppc64le s390x x86_64): cpp5-5.3.1+r233831-9.1 cpp5-debuginfo-5.3.1+r233831-9.1 gcc5-5.3.1+r233831-9.1 gcc5-c++-5.3.1+r233831-9.1 gcc5-c++-debuginfo-5.3.1+r233831-9.1 gcc5-debuginfo-5.3.1+r233831-9.1 gcc5-debugsource-5.3.1+r233831-9.1 gcc5-fortran-5.3.1+r233831-9.1 gcc5-fortran-debuginfo-5.3.1+r233831-9.1 gcc5-locale-5.3.1+r233831-9.1 libffi-devel-gcc5-5.3.1+r233831-9.1 libffi-gcc5-debugsource-5.3.1+r233831-9.1 libstdc++6-devel-gcc5-5.3.1+r233831-9.1 - SUSE Linux Enterprise Module for Toolchain 12 (s390x x86_64): gcc5-32bit-5.3.1+r233831-9.1 gcc5-32bit-debuginfo-5.3.1+r233831-9.1 gcc5-c++-32bit-5.3.1+r233831-9.1 gcc5-fortran-32bit-5.3.1+r233831-9.1 libffi-devel-gcc5-32bit-5.3.1+r233831-9.1 libstdc++6-devel-gcc5-32bit-5.3.1+r233831-9.1 - SUSE Linux Enterprise Module for Toolchain 12 (noarch): gcc5-info-5.3.1+r233831-9.1 - SUSE Linux Enterprise Module for Toolchain 12 (x86_64): gcc5-ada-32bit-5.3.1+r233831-9.1 gcc5-ada-5.3.1+r233831-9.1 gcc5-ada-debuginfo-5.3.1+r233831-9.1 libada5-32bit-5.3.1+r233831-9.1 libada5-32bit-debuginfo-5.3.1+r233831-9.1 libada5-5.3.1+r233831-9.1 libada5-debuginfo-5.3.1+r233831-9.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): gcc5-debuginfo-5.3.1+r233831-9.1 gcc5-debugsource-5.3.1+r233831-9.1 libasan2-32bit-5.3.1+r233831-9.1 libasan2-5.3.1+r233831-9.1 libasan2-debuginfo-5.3.1+r233831-9.1 libatomic1-32bit-5.3.1+r233831-9.1 libatomic1-5.3.1+r233831-9.1 libatomic1-debuginfo-5.3.1+r233831-9.1 libcilkrts5-32bit-5.3.1+r233831-9.1 libcilkrts5-5.3.1+r233831-9.1 libcilkrts5-debuginfo-5.3.1+r233831-9.1 libffi-gcc5-debugsource-5.3.1+r233831-9.1 libffi4-32bit-5.3.1+r233831-9.1 libffi4-5.3.1+r233831-9.1 libffi4-debuginfo-5.3.1+r233831-9.1 libgcc_s1-32bit-5.3.1+r233831-9.1 libgcc_s1-5.3.1+r233831-9.1 libgcc_s1-debuginfo-5.3.1+r233831-9.1 libgfortran3-32bit-5.3.1+r233831-9.1 libgfortran3-5.3.1+r233831-9.1 libgfortran3-debuginfo-5.3.1+r233831-9.1 libgomp1-32bit-5.3.1+r233831-9.1 libgomp1-5.3.1+r233831-9.1 libgomp1-debuginfo-5.3.1+r233831-9.1 libitm1-32bit-5.3.1+r233831-9.1 libitm1-5.3.1+r233831-9.1 libitm1-debuginfo-5.3.1+r233831-9.1 liblsan0-5.3.1+r233831-9.1 liblsan0-debuginfo-5.3.1+r233831-9.1 libmpx0-32bit-5.3.1+r233831-9.1 libmpx0-5.3.1+r233831-9.1 libmpx0-debuginfo-5.3.1+r233831-9.1 libmpxwrappers0-32bit-5.3.1+r233831-9.1 libmpxwrappers0-5.3.1+r233831-9.1 libmpxwrappers0-debuginfo-5.3.1+r233831-9.1 libquadmath0-32bit-5.3.1+r233831-9.1 libquadmath0-5.3.1+r233831-9.1 libquadmath0-debuginfo-5.3.1+r233831-9.1 libstdc++6-32bit-5.3.1+r233831-9.1 libstdc++6-5.3.1+r233831-9.1 libstdc++6-debuginfo-5.3.1+r233831-9.1 libstdc++6-locale-5.3.1+r233831-9.1 libtsan0-5.3.1+r233831-9.1 libtsan0-debuginfo-5.3.1+r233831-9.1 libubsan0-32bit-5.3.1+r233831-9.1 libubsan0-5.3.1+r233831-9.1 libubsan0-debuginfo-5.3.1+r233831-9.1 - SUSE Linux Enterprise Desktop 12 (x86_64): gcc5-debugsource-5.3.1+r233831-9.1 libasan2-32bit-5.3.1+r233831-9.1 libasan2-32bit-debuginfo-5.3.1+r233831-9.1 libasan2-5.3.1+r233831-9.1 libasan2-debuginfo-5.3.1+r233831-9.1 libatomic1-32bit-5.3.1+r233831-9.1 libatomic1-32bit-debuginfo-5.3.1+r233831-9.1 libatomic1-5.3.1+r233831-9.1 libatomic1-debuginfo-5.3.1+r233831-9.1 libcilkrts5-32bit-5.3.1+r233831-9.1 libcilkrts5-32bit-debuginfo-5.3.1+r233831-9.1 libcilkrts5-5.3.1+r233831-9.1 libcilkrts5-debuginfo-5.3.1+r233831-9.1 libffi-gcc5-debugsource-5.3.1+r233831-9.1 libffi4-32bit-5.3.1+r233831-9.1 libffi4-32bit-debuginfo-5.3.1+r233831-9.1 libffi4-5.3.1+r233831-9.1 libffi4-debuginfo-5.3.1+r233831-9.1 libgcc_s1-32bit-5.3.1+r233831-9.1 libgcc_s1-32bit-debuginfo-5.3.1+r233831-9.1 libgcc_s1-5.3.1+r233831-9.1 libgcc_s1-debuginfo-5.3.1+r233831-9.1 libgfortran3-32bit-5.3.1+r233831-9.1 libgfortran3-32bit-debuginfo-5.3.1+r233831-9.1 libgfortran3-5.3.1+r233831-9.1 libgfortran3-debuginfo-5.3.1+r233831-9.1 libgomp1-32bit-5.3.1+r233831-9.1 libgomp1-32bit-debuginfo-5.3.1+r233831-9.1 libgomp1-5.3.1+r233831-9.1 libgomp1-debuginfo-5.3.1+r233831-9.1 libitm1-32bit-5.3.1+r233831-9.1 libitm1-32bit-debuginfo-5.3.1+r233831-9.1 libitm1-5.3.1+r233831-9.1 libitm1-debuginfo-5.3.1+r233831-9.1 liblsan0-5.3.1+r233831-9.1 liblsan0-debuginfo-5.3.1+r233831-9.1 libmpx0-32bit-5.3.1+r233831-9.1 libmpx0-32bit-debuginfo-5.3.1+r233831-9.1 libmpx0-5.3.1+r233831-9.1 libmpx0-debuginfo-5.3.1+r233831-9.1 libmpxwrappers0-32bit-5.3.1+r233831-9.1 libmpxwrappers0-32bit-debuginfo-5.3.1+r233831-9.1 libmpxwrappers0-5.3.1+r233831-9.1 libmpxwrappers0-debuginfo-5.3.1+r233831-9.1 libquadmath0-32bit-5.3.1+r233831-9.1 libquadmath0-32bit-debuginfo-5.3.1+r233831-9.1 libquadmath0-5.3.1+r233831-9.1 libquadmath0-debuginfo-5.3.1+r233831-9.1 libstdc++6-32bit-5.3.1+r233831-9.1 libstdc++6-32bit-debuginfo-5.3.1+r233831-9.1 libstdc++6-5.3.1+r233831-9.1 libstdc++6-debuginfo-5.3.1+r233831-9.1 libstdc++6-locale-5.3.1+r233831-9.1 libtsan0-5.3.1+r233831-9.1 libtsan0-debuginfo-5.3.1+r233831-9.1 libubsan0-32bit-5.3.1+r233831-9.1 libubsan0-32bit-debuginfo-5.3.1+r233831-9.1 libubsan0-5.3.1+r233831-9.1 libubsan0-debuginfo-5.3.1+r233831-9.1 References: https://www.suse.com/security/cve/CVE-2015-5276.html https://bugzilla.suse.com/939460 https://bugzilla.suse.com/945842 https://bugzilla.suse.com/952151 https://bugzilla.suse.com/953831 https://bugzilla.suse.com/954002 https://bugzilla.suse.com/955382 https://bugzilla.suse.com/962765 https://bugzilla.suse.com/964468 https://bugzilla.suse.com/966220 https://bugzilla.suse.com/968771 From sle-security-updates at lists.suse.com Thu Apr 7 05:08:19 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 7 Apr 2016 13:08:19 +0200 (CEST) Subject: SUSE-SU-2016:0967-1: important: Security update for rubygem-actionpack-3_2 Message-ID: <20160407110819.5B643FF8E@maintenance.suse.de> SUSE Security Update: Security update for rubygem-actionpack-3_2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0967-1 Rating: important References: #968849 #968850 Cross-References: CVE-2016-2097 CVE-2016-2098 Affected Products: SUSE Webyast 1.3 SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for rubygem-actionpack-3_2 fixes the following issues: - CVE-2016-2097: rubygem-actionview: Possible Information Leak Vulnerability in Action View. (bsc#968850) - CVE-2016-2098: rubygem-actionpack: Possible remote code execution vulnerability in Action Pack (bsc#968849) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Webyast 1.3: zypper in -t patch slewyst13-rubygem-actionpack-3_2-12497=1 - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-rubygem-actionpack-3_2-12497=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-rubygem-actionpack-3_2-12497=1 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-rubygem-actionpack-3_2-12497=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Webyast 1.3 (i586 ia64 ppc64 s390x x86_64): rubygem-actionpack-3_2-3.2.12-0.26.1 - SUSE Studio Onsite 1.3 (x86_64): rubygem-actionpack-3_2-3.2.12-0.26.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): rubygem-actionpack-3_2-3.2.12-0.26.1 - SUSE Lifecycle Management Server 1.3 (x86_64): rubygem-actionpack-3_2-3.2.12-0.26.1 References: https://www.suse.com/security/cve/CVE-2016-2097.html https://www.suse.com/security/cve/CVE-2016-2098.html https://bugzilla.suse.com/968849 https://bugzilla.suse.com/968850 From sle-security-updates at lists.suse.com Thu Apr 7 05:09:01 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 7 Apr 2016 13:09:01 +0200 (CEST) Subject: SUSE-SU-2016:0968-1: moderate: Security update for rubygem-activesupport-3_2 Message-ID: <20160407110901.A4A90FF8E@maintenance.suse.de> SUSE Security Update: Security update for rubygem-activesupport-3_2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0968-1 Rating: moderate References: #970715 Cross-References: CVE-2015-7576 Affected Products: SUSE Webyast 1.3 SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for rubygem-activesupport-3_2 fixes the following issues: The previous patch for CVE-2015-7576 was adding the file lib/active_support/security_utils.rb but this file was not being added into the gemspec,thus the final gem did not contain that file. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Webyast 1.3: zypper in -t patch slewyst13-rubygem-activesupport-3_2-12498=1 - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-rubygem-activesupport-3_2-12498=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-rubygem-activesupport-3_2-12498=1 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-rubygem-activesupport-3_2-12498=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Webyast 1.3 (i586 ia64 ppc64 s390x x86_64): rubygem-activesupport-3_2-3.2.12-0.21.1 - SUSE Studio Onsite 1.3 (x86_64): rubygem-activesupport-3_2-3.2.12-0.21.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): rubygem-activesupport-3_2-3.2.12-0.21.1 - SUSE Lifecycle Management Server 1.3 (x86_64): rubygem-activesupport-3_2-3.2.12-0.21.1 References: https://www.suse.com/security/cve/CVE-2015-7576.html https://bugzilla.suse.com/970715 From sle-security-updates at lists.suse.com Thu Apr 7 07:07:47 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 7 Apr 2016 15:07:47 +0200 (CEST) Subject: SUSE-SU-2016:0970-1: moderate: Security update for salt Message-ID: <20160407130747.05C57FFD5@maintenance.suse.de> SUSE Security Update: Security update for salt ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0970-1 Rating: moderate References: #972436 Cross-References: CVE-2016-3176 Affected Products: SUSE Enterprise Storage 2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: salt was updated to fix one security issue. This security issue was fixed: - CVE-2016-3176: Insecure configuration of PAM external authentication service. Authenticating were able to specify the PAM service (bsc#972436). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 2: zypper in -t patch SUSE-Storage-2-2016-572=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 2 (noarch): salt-2014.1.10-3.1 salt-master-2014.1.10-3.1 salt-minion-2014.1.10-3.1 References: https://www.suse.com/security/cve/CVE-2016-3176.html https://bugzilla.suse.com/972436 From sle-security-updates at lists.suse.com Thu Apr 7 07:08:18 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 7 Apr 2016 15:08:18 +0200 (CEST) Subject: SUSE-SU-2016:0972-1: moderate: Security update for salt Message-ID: <20160407130818.6D5AEFF8E@maintenance.suse.de> SUSE Security Update: Security update for salt ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0972-1 Rating: moderate References: #972436 Cross-References: CVE-2016-3176 Affected Products: SUSE Enterprise Storage 2.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: salt was updated to fix one security issue. This security issue was fixed: - CVE-2016-3176: Insecure configuration of PAM external authentication service. Authenticating were able to specify the PAM service (bsc#972436). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 2.1: zypper in -t patch SUSE-Storage-2.1-2016-573=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 2.1 (noarch): salt-2014.1.10-5.1 salt-master-2014.1.10-5.1 salt-minion-2014.1.10-5.1 References: https://www.suse.com/security/cve/CVE-2016-3176.html https://bugzilla.suse.com/972436 From sle-security-updates at lists.suse.com Fri Apr 8 09:07:59 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 8 Apr 2016 17:07:59 +0200 (CEST) Subject: SUSE-SU-2016:0990-1: important: Security update for flash-player Message-ID: <20160408150759.AA638FF93@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0990-1 Rating: important References: #974209 Cross-References: CVE-2016-1019 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: flash-player was updated to fix one security issue. This security issue was fixed: - CVE-2016-1019: Adobe Flash Player allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016 (bsc#974209). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-582=1 - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-582=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-582=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-582=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): flash-player-11.2.202.616-126.1 flash-player-gnome-11.2.202.616-126.1 - SUSE Linux Enterprise Workstation Extension 12 (x86_64): flash-player-11.2.202.616-126.1 flash-player-gnome-11.2.202.616-126.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): flash-player-11.2.202.616-126.1 flash-player-gnome-11.2.202.616-126.1 - SUSE Linux Enterprise Desktop 12 (x86_64): flash-player-11.2.202.616-126.1 flash-player-gnome-11.2.202.616-126.1 References: https://www.suse.com/security/cve/CVE-2016-1019.html https://bugzilla.suse.com/974209 From sle-security-updates at lists.suse.com Fri Apr 8 11:10:07 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 8 Apr 2016 19:10:07 +0200 (CEST) Subject: SUSE-SU-2016:0994-1: moderate: Security update for krb5 Message-ID: <20160408171007.DFB39FF40@maintenance.suse.de> SUSE Security Update: Security update for krb5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0994-1 Rating: moderate References: #971942 Cross-References: CVE-2016-3119 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for krb5 fixes the following security issue: - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a null pointer by supplying an empty DB argument to the modify_principal command, if kadmind is configured to use the LDAP KDB module. (bsc#971942) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-586=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-586=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-586=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-586=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-586=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-586=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): krb5-debuginfo-1.12.1-28.1 krb5-debugsource-1.12.1-28.1 krb5-devel-1.12.1-28.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): krb5-debuginfo-1.12.1-28.1 krb5-debugsource-1.12.1-28.1 krb5-devel-1.12.1-28.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): krb5-1.12.1-28.1 krb5-client-1.12.1-28.1 krb5-client-debuginfo-1.12.1-28.1 krb5-debuginfo-1.12.1-28.1 krb5-debugsource-1.12.1-28.1 krb5-doc-1.12.1-28.1 krb5-plugin-kdb-ldap-1.12.1-28.1 krb5-plugin-kdb-ldap-debuginfo-1.12.1-28.1 krb5-plugin-preauth-otp-1.12.1-28.1 krb5-plugin-preauth-otp-debuginfo-1.12.1-28.1 krb5-plugin-preauth-pkinit-1.12.1-28.1 krb5-plugin-preauth-pkinit-debuginfo-1.12.1-28.1 krb5-server-1.12.1-28.1 krb5-server-debuginfo-1.12.1-28.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): krb5-32bit-1.12.1-28.1 krb5-debuginfo-32bit-1.12.1-28.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): krb5-1.12.1-28.1 krb5-client-1.12.1-28.1 krb5-client-debuginfo-1.12.1-28.1 krb5-debuginfo-1.12.1-28.1 krb5-debugsource-1.12.1-28.1 krb5-doc-1.12.1-28.1 krb5-plugin-kdb-ldap-1.12.1-28.1 krb5-plugin-kdb-ldap-debuginfo-1.12.1-28.1 krb5-plugin-preauth-otp-1.12.1-28.1 krb5-plugin-preauth-otp-debuginfo-1.12.1-28.1 krb5-plugin-preauth-pkinit-1.12.1-28.1 krb5-plugin-preauth-pkinit-debuginfo-1.12.1-28.1 krb5-server-1.12.1-28.1 krb5-server-debuginfo-1.12.1-28.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): krb5-32bit-1.12.1-28.1 krb5-debuginfo-32bit-1.12.1-28.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): krb5-1.12.1-28.1 krb5-32bit-1.12.1-28.1 krb5-client-1.12.1-28.1 krb5-client-debuginfo-1.12.1-28.1 krb5-debuginfo-1.12.1-28.1 krb5-debuginfo-32bit-1.12.1-28.1 krb5-debugsource-1.12.1-28.1 - SUSE Linux Enterprise Desktop 12 (x86_64): krb5-1.12.1-28.1 krb5-32bit-1.12.1-28.1 krb5-client-1.12.1-28.1 krb5-client-debuginfo-1.12.1-28.1 krb5-debuginfo-1.12.1-28.1 krb5-debuginfo-32bit-1.12.1-28.1 krb5-debugsource-1.12.1-28.1 References: https://www.suse.com/security/cve/CVE-2016-3119.html https://bugzilla.suse.com/971942 From sle-security-updates at lists.suse.com Tue Apr 12 06:08:19 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 12 Apr 2016 14:08:19 +0200 (CEST) Subject: SUSE-SU-2016:1010-1: important: Security update for mercurial Message-ID: <20160412120819.7D004FF7B@maintenance.suse.de> SUSE Security Update: Security update for mercurial ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1010-1 Rating: important References: #973175 #973176 #973177 Cross-References: CVE-2016-3068 CVE-2016-3069 CVE-2016-3630 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: mercurial was updated to fix three security issues. These security issues were fixed: - CVE-2016-3069: Arbitrary code execution when converting Git repos (bsc#973176). - CVE-2016-3068: Arbitrary code execution with Git subrepos (bsc#973177). - CVE-2016-3630: Remote code execution in binary delta decoding (bsc#973175). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-596=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-596=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): mercurial-2.8.2-6.1 mercurial-debuginfo-2.8.2-6.1 mercurial-debugsource-2.8.2-6.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): mercurial-2.8.2-6.1 mercurial-debuginfo-2.8.2-6.1 mercurial-debugsource-2.8.2-6.1 References: https://www.suse.com/security/cve/CVE-2016-3068.html https://www.suse.com/security/cve/CVE-2016-3069.html https://www.suse.com/security/cve/CVE-2016-3630.html https://bugzilla.suse.com/973175 https://bugzilla.suse.com/973176 https://bugzilla.suse.com/973177 From sle-security-updates at lists.suse.com Tue Apr 12 06:08:54 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 12 Apr 2016 14:08:54 +0200 (CEST) Subject: SUSE-SU-2016:1011-1: important: Security update for mercurial Message-ID: <20160412120854.09D81FF7B@maintenance.suse.de> SUSE Security Update: Security update for mercurial ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1011-1 Rating: important References: #973175 #973176 #973177 Cross-References: CVE-2016-3068 CVE-2016-3069 CVE-2016-3630 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: mercurial was updated to fix three security issues. These security issues were fixed: - CVE-2016-3069: Arbitrary code execution when converting Git repos (bsc#973176). - CVE-2016-3068: Arbitrary code execution with Git subrepos (bsc#973177). - CVE-2016-3630: Remote code execution in binary delta decoding (bsc#973175). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-mercurial-12505=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-mercurial-12505=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): mercurial-2.3.2-0.11.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): mercurial-debuginfo-2.3.2-0.11.1 mercurial-debugsource-2.3.2-0.11.1 References: https://www.suse.com/security/cve/CVE-2016-3068.html https://www.suse.com/security/cve/CVE-2016-3069.html https://www.suse.com/security/cve/CVE-2016-3630.html https://bugzilla.suse.com/973175 https://bugzilla.suse.com/973176 https://bugzilla.suse.com/973177 From sle-security-updates at lists.suse.com Tue Apr 12 13:09:07 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 12 Apr 2016 21:09:07 +0200 (CEST) Subject: SUSE-SU-2016:1019-1: important: Security update for the Linux Kernel Message-ID: <20160412190907.ED807FF3C@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1019-1 Rating: important References: #816099 #867251 #875631 #880007 #943645 #944749 #945219 #949752 #955308 #956084 #956852 #957986 #959146 #959257 #959463 #959709 #960174 #960458 #960561 #960629 #961257 #961500 #961516 #961588 #961658 #963193 #963746 #963765 #963827 #963960 #964201 #964730 #965087 #965199 #965830 #965891 #965924 #966026 #966094 #966278 #966437 #966471 #966693 #966831 #966864 #966910 #967047 #967292 #967299 #967650 #967651 #967802 #967903 #968010 #968018 #968074 #968141 #968206 #968230 #968234 #968253 #968448 #968512 #968643 #968670 #969112 #969439 #969571 #969655 #969690 #969735 #969992 #969993 #970062 #970160 #970249 #970909 #971125 #971360 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2015-8816 CVE-2016-2143 CVE-2016-2184 CVE-2016-2384 CVE-2016-2782 CVE-2016-3139 CVE-2016-3156 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves 9 vulnerabilities and has 70 fixes is now available. Description: The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.57 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966437) - CVE-2015-8816: A malicious USB device could cause a kernel crash in the USB hub driver. (bnc#968010). - CVE-2016-2143: On zSeries a fork of a large process could have caused memory corruption due to incorrect page table handling. (bnc#970504) - CVE-2016-2184: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#971125). - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#966693) - CVE-2016-2782: A malicious USB device could cause a kernel crash in the usb visor driver. (bnc#968670). - CVE-2016-3139: A malicious USB device could cause a kernel crash in the wacom driver. (bnc#970909). - CVE-2016-3156: Removal of ipv4 interfaces with a large number of IP addresses was taking very long. (bsc#971360). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here (bnc#960561). The following non-security bugs were fixed: - aacraid: Refresh patches.drivers/0005-aacraid-MSI-x-support.patch. (boo#970249) - acpi: processor: Introduce apic_id in struct processor to save parsed APIC id (bsc#959463). - alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018). - alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018). - btrfs: Account data space in more proper timing: (bsc#963193). - btrfs: Add handler for invalidate page (bsc#963193). - btrfs: check prepare_uptodate_page() error code earlier (bnc#966910). - btrfs: delayed_ref: Add new function to record reserved space into delayed ref (bsc#963193). - btrfs: delayed_ref: release and free qgroup reserved at proper timing (bsc#963193). - btrfs: extent_io: Introduce needed structure for recoding set/clear bits (bsc#963193). - btrfs: extent_io: Introduce new function clear_record_extent_bits() (bsc#963193). - btrfs: extent_io: Introduce new function set_record_extent_bits (bsc#963193). - btrfs: extent-tree: Add new version of btrfs_check_data_free_space and btrfs_free_reserved_data_space (bsc#963193). - btrfs: extent-tree: Add new version of btrfs_delalloc_reserve/release_space (bsc#963193). - btrfs: extent-tree: Switch to new check_data_free_space and free_reserved_data_space (bsc#963193). - btrfs: extent-tree: Switch to new delalloc space reserve and release (bsc#963193). - btrfs: fallocate: Added a prerequisite patch and rebased the chunks that had previously been taken from it. Fixes a warning we had in fs/btrfs/file.c. - btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193). - btrfs: fix invalid page accesses in extent_same (dedup) ioctl (bnc#968230). - btrfs: fix page reading in extent_same ioctl leading to csum errors (bnc#968230). - btrfs: fix warning in backref walking (bnc#966278). - btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193). - btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193). - btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in clear_bit_hook (bsc#963193). - btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193). - btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193). - btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans (bsc#963193). - btrfs: qgroup: Fix a rebase bug which will cause qgroup double free (bsc#963193). - btrfs: qgroup: Fix dead judgement on qgroup_rescan_leaf() return value (bsc#969439). - btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193). - btrfs: qgroup: Introduce functions to release/free qgroup reserve data space (bsc#963193). - btrfs: qgroup: Introduce new functions to reserve/free metadata (bsc#963193). - btrfs: qgroup: Use new metadata reservation (bsc#963193). - dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752). - dmapi: fix dm_open_by_handle_rvp taking an extra ref to mnt (bsc#967292). - drivers/base/memory.c: fix kernel warning during memory hotplug on ppc64 (bsc#963827). - drivers: hv: Allow for MMIO claims that span ACPI _CRS records (bnc#965924). - drivers: hv: Define the channel type for Hyper-V PCI Express pass-through (bnc#965924). - drivers: hv: Export a function that maps Linux CPU num onto Hyper-V proc num (bnc#965924). - drivers: hv: Export the API to invoke a hypercall on Hyper-V (bnc#965924). - drivers: hv: kvp: fix IP Failover. - drivers: pci:hv: New paravirtual PCI front-end for Hyper-V VMs (bnc#965924). - drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#957986 fate#320625). - drivers: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#957986 fate#320625). - e1000e: Avoid divide by zero error (bsc#968643). - e1000e: fix division by zero on jumbo MTUs (bsc#968643). - e1000e: Fix tight loop implementation of systime read algorithm (bsc#968643). - efi: Ignore efivar_validate kabi failures -- it's an EFI internal function. - fix: print ext4 mountopt data_err=abort correctly (bsc#969735). - Fix problem with setting ACL on directories (bsc#867251). - fs/proc_namespace.c: simplify testing nsp and nsp->mnt_ns (bug#963960). - futex: Drop refcount if requeue_pi() acquired the rtmutex (bug#960174). - hv: Lock access to hyperv_mmio resource tree (bnc#965924). - hv: Make a function to free mmio regions through vmbus (bnc#965924). - hv: Reverse order of resources in hyperv_mmio (bnc#965924). - hv: Track allocations of children of hv_vmbus in private resource tree (bnc#965924). - hv: Use new vmbus_mmio_free() from client drivers (bnc#965924). - hwmon: (coretemp) Increase maximum core to 128 (bsc#970160) - ibmvnic: Fix ibmvnic_capability struct (fate#320253). - intel_pstate: Use del_timer_sync in intel_pstate_cpu_stop (bsc#967650). - ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852). - kabi: Preserve checksum of kvm_x86_ops (bsc#969112). - kabi: protect struct acpi_processor signature (bsc#959463). - kgr: fix reversion of a patch already reverted by a replace_all patch (fate#313296). - kvm: SVM: add rdmsr support for AMD event registers (bsc#968448). - kvm: x86: Check dest_map->vector to match eoi signals for rtc (bsc#966471). - kvm: x86: Convert ioapic->rtc_status.dest_map to a struct (bsc#966471). - kvm: x86: store IOAPIC-handled vectors in each VCPU (bsc#966471). - kvm: x86: Track irq vectors in ioapic->rtc_status.dest_map (bsc#966471). - libata: Revert "libata: Align ata_device's id on a cacheline". - libceph: fix scatterlist last_piece calculation (bsc#963746). - lpfc: Fix kmalloc overflow in LPFC driver at large core count (bsc#969690). - memcg: do not hang on OOM when killed by userspace OOM access to memory reserves (bnc#969571). - mld, igmp: Fix reserved tailroom calculation (bsc#956852). - namespaces: Re-introduce task_nsproxy() helper (bug#963960). - namespaces: Use task_lock and not rcu to protect nsproxy (bug#963960). - net: core: Correct an over-stringent device loop detection (bsc#945219). - net: irda: Fix use-after-free in irtty_open() (bnc#967903). - net: Revert "net/ipv6: add sysctl option accept_ra_min_hop_limit". - nfs4: treat lock owners as opaque values (bnc#968141). - nfs: Background flush should not be low priority (bsc#955308). - nfsd: fix nfsd_setattr return code for HSM (bsc#969992). - nfs: do not use STABLE writes during writeback (bnc#816099). - nfs: Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201). - nvme: default to 4k device page size (bsc#967047). - nvme: special case AEN requests (bsc#965087). - pci: Add global pci_lock_rescan_remove() (bnc#965924). - pci: allow access to VPD attributes with size 0 (bsc#959146). - pciback: Check PF instead of VF for PCI_COMMAND_MEMORY. - pciback: Save the number of MSI-X entries to be copied later. - pci: Blacklist vpd access for buggy devices (bsc#959146). - pci: Determine actual VPD size on first access (bsc#959146). - pci: Export symbols required for loadable host driver modules (bnc#965924). - pci: pciehp: Disable link notification across slot reset (bsc#967651). - pci: pciehp: Do not check adapter or latch status while disabling (bsc#967651). - pci: pciehp: Do not disable the link permanently during removal (bsc#967651). - pci: pciehp: Ensure very fast hotplug events are also processed (bsc#967651). - pci: Update VPD definitions (bsc#959146). - perf, nmi: Fix unknown NMI warning (bsc#968512). - proc: Fix ptrace-based permission checks for accessing task maps. - pv6: Revert "ipv6: tcp: add rcu locking in tcp_v6_send_synack()" (bnc#961257). - qla2xxx: Remove unavailable firmware files (bsc#943645). - rbd: do not log miscompare as an error (bsc#970062). - resources: Set type in __request_region() (bnc#965924). - rpm/kernel-binary.spec.in: Sync the main and -base package dependencies (bsc#965830#c51). - rpm/kernel-module-subpackage: Fix obsoleting dropped flavors (bsc#968253) - scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458). - scsi: fix soft lockup in scsi_remove_target() on module removal (bsc#965199). - scsi: proper state checking and module refcount handling in scsi_device_get (boo#966831). - series.conf: add section comments - supported.conf: Add e1000e (emulated by VMware) to -base (bsc#968074) - supported.conf: Add Hyper-V modules to -base (bsc#965830) - supported.conf: Add isofs to -base (bsc#969655). - supported.conf: Add more qemu device driver (bsc#968234) - supported.conf: Add mptspi and mptsas to -base (bsc#968206) - supported.conf: Add the qemu scsi driver (sym53c8xx) to -base (bsc#967802) - supported.conf: Add tulip to -base for Hyper-V (bsc#968234) - supported.conf: Add virtio-rng (bsc#966026) - supported.conf: Add xen-blkfront. - supported.conf: Add xfs to -base (bsc#965891) - supported.conf: Fix usb-common path usb-common moved to its own subdirectory in kernel v3.16, and we backported that change to SLE12. - tcp: Restore RFC5961-compliant behavior for SYN packets (bsc#966864). - usb: Quiet down false peer failure messages (bnc#960629). - x86: export x86_msi (bnc#965924). - xen: Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658). - xen-blkfront: allow building in our Xen environment (bsc#957986 fate#320625). - xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#957986 fate#320625). - xen-blkfront: fix accounting of reqs when migrating (bsc#957986 fate#320625). - xen/blkfront: Fix crash if backend does not follow the right states (bsc#957986 fate#320625). - xen-blkfront: improve aproximation of required grants per request (bsc#957986 fate#320625). - xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#957986 fate#320625). - xen/blkfront: remove redundant flush_op (bsc#957986 fate#320625). - xen-blkfront: remove type check from blkfront_setup_discard (bsc#957986 fate#320625). - xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#957986 fate#320625). - xen: block: xen-blkfront: Fix possible NULL ptr dereference (bsc#957986 fate#320625). - xen: Refresh patches.xen/xen3-patch-2.6.33 (detect NX support early). - xen: Refresh patches.xen/xen-vscsi-large-requests (gsc#966094). - xen: Update Xen config files (enable upstream block frontend). - xen: Update Xen patches to 3.12.55. - xen-vscsi-large-requests: Fix resource collision for racing request maps and unmaps (bsc#966094). - xfs/dmapi: drop lock over synchronous XFS_SEND_DATA events (bsc#969993). - xfs/dmapi: propertly send postcreate event (bsc#967299). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-600=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-600=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-600=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-600=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-600=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-600=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): kernel-default-debuginfo-3.12.57-60.35.1 kernel-default-debugsource-3.12.57-60.35.1 kernel-default-extra-3.12.57-60.35.1 kernel-default-extra-debuginfo-3.12.57-60.35.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): kernel-obs-build-3.12.57-60.35.1 kernel-obs-build-debugsource-3.12.57-60.35.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): kernel-docs-3.12.57-60.35.3 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): kernel-default-3.12.57-60.35.1 kernel-default-base-3.12.57-60.35.1 kernel-default-base-debuginfo-3.12.57-60.35.1 kernel-default-debuginfo-3.12.57-60.35.1 kernel-default-debugsource-3.12.57-60.35.1 kernel-default-devel-3.12.57-60.35.1 kernel-syms-3.12.57-60.35.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): kernel-xen-3.12.57-60.35.1 kernel-xen-base-3.12.57-60.35.1 kernel-xen-base-debuginfo-3.12.57-60.35.1 kernel-xen-debuginfo-3.12.57-60.35.1 kernel-xen-debugsource-3.12.57-60.35.1 kernel-xen-devel-3.12.57-60.35.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): kernel-devel-3.12.57-60.35.1 kernel-macros-3.12.57-60.35.1 kernel-source-3.12.57-60.35.1 - SUSE Linux Enterprise Server 12-SP1 (s390x): kernel-default-man-3.12.57-60.35.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.57-60.35.1 kernel-ec2-debuginfo-3.12.57-60.35.1 kernel-ec2-debugsource-3.12.57-60.35.1 kernel-ec2-devel-3.12.57-60.35.1 kernel-ec2-extra-3.12.57-60.35.1 kernel-ec2-extra-debuginfo-3.12.57-60.35.1 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_57-60_35-default-1-2.3 kgraft-patch-3_12_57-60_35-xen-1-2.3 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): kernel-devel-3.12.57-60.35.1 kernel-macros-3.12.57-60.35.1 kernel-source-3.12.57-60.35.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): kernel-default-3.12.57-60.35.1 kernel-default-debuginfo-3.12.57-60.35.1 kernel-default-debugsource-3.12.57-60.35.1 kernel-default-devel-3.12.57-60.35.1 kernel-default-extra-3.12.57-60.35.1 kernel-default-extra-debuginfo-3.12.57-60.35.1 kernel-syms-3.12.57-60.35.1 kernel-xen-3.12.57-60.35.1 kernel-xen-debuginfo-3.12.57-60.35.1 kernel-xen-debugsource-3.12.57-60.35.1 kernel-xen-devel-3.12.57-60.35.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2015-8816.html https://www.suse.com/security/cve/CVE-2016-2143.html https://www.suse.com/security/cve/CVE-2016-2184.html https://www.suse.com/security/cve/CVE-2016-2384.html https://www.suse.com/security/cve/CVE-2016-2782.html https://www.suse.com/security/cve/CVE-2016-3139.html https://www.suse.com/security/cve/CVE-2016-3156.html https://bugzilla.suse.com/816099 https://bugzilla.suse.com/867251 https://bugzilla.suse.com/875631 https://bugzilla.suse.com/880007 https://bugzilla.suse.com/943645 https://bugzilla.suse.com/944749 https://bugzilla.suse.com/945219 https://bugzilla.suse.com/949752 https://bugzilla.suse.com/955308 https://bugzilla.suse.com/956084 https://bugzilla.suse.com/956852 https://bugzilla.suse.com/957986 https://bugzilla.suse.com/959146 https://bugzilla.suse.com/959257 https://bugzilla.suse.com/959463 https://bugzilla.suse.com/959709 https://bugzilla.suse.com/960174 https://bugzilla.suse.com/960458 https://bugzilla.suse.com/960561 https://bugzilla.suse.com/960629 https://bugzilla.suse.com/961257 https://bugzilla.suse.com/961500 https://bugzilla.suse.com/961516 https://bugzilla.suse.com/961588 https://bugzilla.suse.com/961658 https://bugzilla.suse.com/963193 https://bugzilla.suse.com/963746 https://bugzilla.suse.com/963765 https://bugzilla.suse.com/963827 https://bugzilla.suse.com/963960 https://bugzilla.suse.com/964201 https://bugzilla.suse.com/964730 https://bugzilla.suse.com/965087 https://bugzilla.suse.com/965199 https://bugzilla.suse.com/965830 https://bugzilla.suse.com/965891 https://bugzilla.suse.com/965924 https://bugzilla.suse.com/966026 https://bugzilla.suse.com/966094 https://bugzilla.suse.com/966278 https://bugzilla.suse.com/966437 https://bugzilla.suse.com/966471 https://bugzilla.suse.com/966693 https://bugzilla.suse.com/966831 https://bugzilla.suse.com/966864 https://bugzilla.suse.com/966910 https://bugzilla.suse.com/967047 https://bugzilla.suse.com/967292 https://bugzilla.suse.com/967299 https://bugzilla.suse.com/967650 https://bugzilla.suse.com/967651 https://bugzilla.suse.com/967802 https://bugzilla.suse.com/967903 https://bugzilla.suse.com/968010 https://bugzilla.suse.com/968018 https://bugzilla.suse.com/968074 https://bugzilla.suse.com/968141 https://bugzilla.suse.com/968206 https://bugzilla.suse.com/968230 https://bugzilla.suse.com/968234 https://bugzilla.suse.com/968253 https://bugzilla.suse.com/968448 https://bugzilla.suse.com/968512 https://bugzilla.suse.com/968643 https://bugzilla.suse.com/968670 https://bugzilla.suse.com/969112 https://bugzilla.suse.com/969439 https://bugzilla.suse.com/969571 https://bugzilla.suse.com/969655 https://bugzilla.suse.com/969690 https://bugzilla.suse.com/969735 https://bugzilla.suse.com/969992 https://bugzilla.suse.com/969993 https://bugzilla.suse.com/970062 https://bugzilla.suse.com/970160 https://bugzilla.suse.com/970249 https://bugzilla.suse.com/970909 https://bugzilla.suse.com/971125 https://bugzilla.suse.com/971360 From sle-security-updates at lists.suse.com Tue Apr 12 16:08:02 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 13 Apr 2016 00:08:02 +0200 (CEST) Subject: SUSE-SU-2016:1022-1: important: Security update for samba Message-ID: <20160412220802.39048FF3C@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1022-1 Rating: important References: #320709 #913547 #919309 #924519 #936862 #942716 #946051 #949022 #964023 #966271 #968973 #971965 #972197 #973031 #973032 #973033 #973034 #973036 #973832 #974629 Cross-References: CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has 13 fixes is now available. Description: Samba was updated to the 4.2.x codestream, bringing some new features and security fixes (bsc#973832, FATE#320709). These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862). - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031). - CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032). - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033). - CVE-2016-2113: TLS certificate validation were missing (bsc#973034). - CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036). - CVE-2016-2118: "Badlock" DCERPC impersonation of authenticated account were possible (bsc#971965). Also the following fixes were done: - Upgrade on-disk FSRVP server state to new version; (bsc#924519). - Fix samba.tests.messaging test and prevent potential tdb corruption by removing obsolete now invalid tdb_close call; (bsc#974629). - Align fsrvp feature sources with upstream version. - Obsolete libsmbsharemodes0 from samba-libs and libsmbsharemodes-devel from samba-core-devel; (bsc#973832). - s3:utils/smbget: Fix recursive download; (bso#6482). - s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystem with no ACL support; (bso#10489). - docs: Add example for domain logins to smbspool man page; (bso#11643). - s3-client: Add a KRB5 wrapper for smbspool; (bso#11690). - loadparm: Fix memory leak issue; (bso#11708). - lib/tsocket: Work around sockets not supporting FIONREAD; (bso#11714). - ctdb-scripts: Drop use of "smbcontrol winbindd ip-dropped ..."; (bso#11719). - s3:smbd:open: Skip redundant call to file_set_dosmode when creating a new file; (bso#11727). - param: Fix str_list_v3 to accept ";" again; (bso#11732). - Real memeory leak(buildup) issue in loadparm; (bso#11740). - Obsolete libsmbclient from libsmbclient0 and libpdb-devel from libsamba-passdb-devel while not providing it; (bsc#972197). - Getting and setting Windows ACLs on symlinks can change permissions on link - Only obsolete but do not provide gplv2/3 package names; (bsc#968973). - Enable clustering (CTDB) support; (bsc#966271). - s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703); (bsc#964023). - vfs_fruit: Fix renaming directories with open files; (bso#11065). - Fix MacOS finder error 36 when copying folder to Samba; (bso#11347). - s3:smbd/oplock: Obey kernel oplock setting when releasing oplocks; (bso#11400). - Fix copying files with vfs_fruit when using vfs_streams_xattr without stream prefix and type suffix; (bso#11466). - s3:libsmb: Correctly initialize the list head when keeping a list of primary followed by DFS connections; (bso#11624). - Reduce the memory footprint of empty string options; (bso#11625). - lib/async_req: Do not install async_connect_send_test; (bso#11639). - docs: Fix typos in man vfs_gpfs; (bso#11641). - smbd: make "hide dot files" option work with "store dos attributes = yes"; (bso#11645). - smbcacls: Fix uninitialized variable; (bso#11682). - s3:smbd: Ignore initial allocation size for directory creation; (bso#11684). - Changing log level of two entries to from 1 to 3; (bso#9912). - vfs_gpfs: Re-enable share modes; (bso#11243). - wafsamba: Also build libraries with RELRO protection; (bso#11346). - ctdb: Strip trailing spaces from nodes file; (bso#11365). - s3-smbd: Fix old DOS client doing wildcard delete - gives a attribute type of zero; (bso#11452). - nss_wins: Do not run into use after free issues when we access memory allocated on the globals and the global being reinitialized; (bso#11563). - async_req: Fix non-blocking connect(); (bso#11564). - auth: gensec: Fix a memory leak; (bso#11565). - lib: util: Make non-critical message a warning; (bso#11566). - Fix winbindd crashes with samlogon for trusted domain user; (bso#11569); (bsc#949022). - smbd: Send SMB2 oplock breaks unencrypted; (bso#11570). - ctdb: Open the RO tracking db with perms 0600 instead of 0000; (bso#11577). - manpage: Correct small typo error; (bso#11584). - s3: smbd: If EA's are turned off on a share don't allow an SMB2 create containing them; (bso#11589). - Backport some valgrind fixes from upstream master; (bso#11597). - s3: smbd: have_file_open_below() fails to enumerate open files below an open directory handle; (bso#11615). - docs: Fix some typos in the idmap config section of man 5 smb.conf; (bso#11619). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-605=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-605=1 - SUSE Linux Enterprise High Availability 12: zypper in -t patch SUSE-SLE-HA-12-2016-605=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-605=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): ctdb-debuginfo-4.2.4-18.17.1 ctdb-devel-4.2.4-18.17.1 libdcerpc-atsvc-devel-4.2.4-18.17.1 libdcerpc-atsvc0-4.2.4-18.17.1 libdcerpc-atsvc0-debuginfo-4.2.4-18.17.1 libdcerpc-devel-4.2.4-18.17.1 libdcerpc-samr-devel-4.2.4-18.17.1 libdcerpc-samr0-4.2.4-18.17.1 libdcerpc-samr0-debuginfo-4.2.4-18.17.1 libgensec-devel-4.2.4-18.17.1 libndr-devel-4.2.4-18.17.1 libndr-krb5pac-devel-4.2.4-18.17.1 libndr-nbt-devel-4.2.4-18.17.1 libndr-standard-devel-4.2.4-18.17.1 libnetapi-devel-4.2.4-18.17.1 libregistry-devel-4.2.4-18.17.1 libsamba-credentials-devel-4.2.4-18.17.1 libsamba-hostconfig-devel-4.2.4-18.17.1 libsamba-passdb-devel-4.2.4-18.17.1 libsamba-policy-devel-4.2.4-18.17.1 libsamba-policy0-4.2.4-18.17.1 libsamba-policy0-debuginfo-4.2.4-18.17.1 libsamba-util-devel-4.2.4-18.17.1 libsamdb-devel-4.2.4-18.17.1 libsmbclient-devel-4.2.4-18.17.1 libsmbclient-raw-devel-4.2.4-18.17.1 libsmbconf-devel-4.2.4-18.17.1 libsmbldap-devel-4.2.4-18.17.1 libtevent-util-devel-4.2.4-18.17.1 libwbclient-devel-4.2.4-18.17.1 samba-core-devel-4.2.4-18.17.1 samba-debuginfo-4.2.4-18.17.1 samba-debugsource-4.2.4-18.17.1 samba-test-devel-4.2.4-18.17.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libdcerpc-binding0-4.2.4-18.17.1 libdcerpc-binding0-debuginfo-4.2.4-18.17.1 libdcerpc0-4.2.4-18.17.1 libdcerpc0-debuginfo-4.2.4-18.17.1 libgensec0-4.2.4-18.17.1 libgensec0-debuginfo-4.2.4-18.17.1 libndr-krb5pac0-4.2.4-18.17.1 libndr-krb5pac0-debuginfo-4.2.4-18.17.1 libndr-nbt0-4.2.4-18.17.1 libndr-nbt0-debuginfo-4.2.4-18.17.1 libndr-standard0-4.2.4-18.17.1 libndr-standard0-debuginfo-4.2.4-18.17.1 libndr0-4.2.4-18.17.1 libndr0-debuginfo-4.2.4-18.17.1 libnetapi0-4.2.4-18.17.1 libnetapi0-debuginfo-4.2.4-18.17.1 libregistry0-4.2.4-18.17.1 libregistry0-debuginfo-4.2.4-18.17.1 libsamba-credentials0-4.2.4-18.17.1 libsamba-credentials0-debuginfo-4.2.4-18.17.1 libsamba-hostconfig0-4.2.4-18.17.1 libsamba-hostconfig0-debuginfo-4.2.4-18.17.1 libsamba-passdb0-4.2.4-18.17.1 libsamba-passdb0-debuginfo-4.2.4-18.17.1 libsamba-util0-4.2.4-18.17.1 libsamba-util0-debuginfo-4.2.4-18.17.1 libsamdb0-4.2.4-18.17.1 libsamdb0-debuginfo-4.2.4-18.17.1 libsmbclient-raw0-4.2.4-18.17.1 libsmbclient-raw0-debuginfo-4.2.4-18.17.1 libsmbclient0-4.2.4-18.17.1 libsmbclient0-debuginfo-4.2.4-18.17.1 libsmbconf0-4.2.4-18.17.1 libsmbconf0-debuginfo-4.2.4-18.17.1 libsmbldap0-4.2.4-18.17.1 libsmbldap0-debuginfo-4.2.4-18.17.1 libtevent-util0-4.2.4-18.17.1 libtevent-util0-debuginfo-4.2.4-18.17.1 libwbclient0-4.2.4-18.17.1 libwbclient0-debuginfo-4.2.4-18.17.1 samba-4.2.4-18.17.1 samba-client-4.2.4-18.17.1 samba-client-debuginfo-4.2.4-18.17.1 samba-debuginfo-4.2.4-18.17.1 samba-debugsource-4.2.4-18.17.1 samba-libs-4.2.4-18.17.1 samba-libs-debuginfo-4.2.4-18.17.1 samba-winbind-4.2.4-18.17.1 samba-winbind-debuginfo-4.2.4-18.17.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libdcerpc-binding0-32bit-4.2.4-18.17.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-18.17.1 libdcerpc0-32bit-4.2.4-18.17.1 libdcerpc0-debuginfo-32bit-4.2.4-18.17.1 libgensec0-32bit-4.2.4-18.17.1 libgensec0-debuginfo-32bit-4.2.4-18.17.1 libndr-krb5pac0-32bit-4.2.4-18.17.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-18.17.1 libndr-nbt0-32bit-4.2.4-18.17.1 libndr-nbt0-debuginfo-32bit-4.2.4-18.17.1 libndr-standard0-32bit-4.2.4-18.17.1 libndr-standard0-debuginfo-32bit-4.2.4-18.17.1 libndr0-32bit-4.2.4-18.17.1 libndr0-debuginfo-32bit-4.2.4-18.17.1 libnetapi0-32bit-4.2.4-18.17.1 libnetapi0-debuginfo-32bit-4.2.4-18.17.1 libsamba-credentials0-32bit-4.2.4-18.17.1 libsamba-credentials0-debuginfo-32bit-4.2.4-18.17.1 libsamba-hostconfig0-32bit-4.2.4-18.17.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-18.17.1 libsamba-passdb0-32bit-4.2.4-18.17.1 libsamba-passdb0-debuginfo-32bit-4.2.4-18.17.1 libsamba-util0-32bit-4.2.4-18.17.1 libsamba-util0-debuginfo-32bit-4.2.4-18.17.1 libsamdb0-32bit-4.2.4-18.17.1 libsamdb0-debuginfo-32bit-4.2.4-18.17.1 libsmbclient-raw0-32bit-4.2.4-18.17.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-18.17.1 libsmbclient0-32bit-4.2.4-18.17.1 libsmbclient0-debuginfo-32bit-4.2.4-18.17.1 libsmbconf0-32bit-4.2.4-18.17.1 libsmbconf0-debuginfo-32bit-4.2.4-18.17.1 libsmbldap0-32bit-4.2.4-18.17.1 libsmbldap0-debuginfo-32bit-4.2.4-18.17.1 libtevent-util0-32bit-4.2.4-18.17.1 libtevent-util0-debuginfo-32bit-4.2.4-18.17.1 libwbclient0-32bit-4.2.4-18.17.1 libwbclient0-debuginfo-32bit-4.2.4-18.17.1 samba-32bit-4.2.4-18.17.1 samba-client-32bit-4.2.4-18.17.1 samba-client-debuginfo-32bit-4.2.4-18.17.1 samba-debuginfo-32bit-4.2.4-18.17.1 samba-libs-32bit-4.2.4-18.17.1 samba-libs-debuginfo-32bit-4.2.4-18.17.1 samba-winbind-32bit-4.2.4-18.17.1 samba-winbind-debuginfo-32bit-4.2.4-18.17.1 - SUSE Linux Enterprise Server 12 (noarch): samba-doc-4.2.4-18.17.1 - SUSE Linux Enterprise High Availability 12 (s390x x86_64): ctdb-4.2.4-18.17.1 ctdb-debuginfo-4.2.4-18.17.1 - SUSE Linux Enterprise Desktop 12 (noarch): samba-doc-4.2.4-18.17.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libdcerpc-binding0-32bit-4.2.4-18.17.1 libdcerpc-binding0-4.2.4-18.17.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-18.17.1 libdcerpc-binding0-debuginfo-4.2.4-18.17.1 libdcerpc0-32bit-4.2.4-18.17.1 libdcerpc0-4.2.4-18.17.1 libdcerpc0-debuginfo-32bit-4.2.4-18.17.1 libdcerpc0-debuginfo-4.2.4-18.17.1 libgensec0-32bit-4.2.4-18.17.1 libgensec0-4.2.4-18.17.1 libgensec0-debuginfo-32bit-4.2.4-18.17.1 libgensec0-debuginfo-4.2.4-18.17.1 libndr-krb5pac0-32bit-4.2.4-18.17.1 libndr-krb5pac0-4.2.4-18.17.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-18.17.1 libndr-krb5pac0-debuginfo-4.2.4-18.17.1 libndr-nbt0-32bit-4.2.4-18.17.1 libndr-nbt0-4.2.4-18.17.1 libndr-nbt0-debuginfo-32bit-4.2.4-18.17.1 libndr-nbt0-debuginfo-4.2.4-18.17.1 libndr-standard0-32bit-4.2.4-18.17.1 libndr-standard0-4.2.4-18.17.1 libndr-standard0-debuginfo-32bit-4.2.4-18.17.1 libndr-standard0-debuginfo-4.2.4-18.17.1 libndr0-32bit-4.2.4-18.17.1 libndr0-4.2.4-18.17.1 libndr0-debuginfo-32bit-4.2.4-18.17.1 libndr0-debuginfo-4.2.4-18.17.1 libnetapi0-32bit-4.2.4-18.17.1 libnetapi0-4.2.4-18.17.1 libnetapi0-debuginfo-32bit-4.2.4-18.17.1 libnetapi0-debuginfo-4.2.4-18.17.1 libregistry0-4.2.4-18.17.1 libregistry0-debuginfo-4.2.4-18.17.1 libsamba-credentials0-32bit-4.2.4-18.17.1 libsamba-credentials0-4.2.4-18.17.1 libsamba-credentials0-debuginfo-32bit-4.2.4-18.17.1 libsamba-credentials0-debuginfo-4.2.4-18.17.1 libsamba-hostconfig0-32bit-4.2.4-18.17.1 libsamba-hostconfig0-4.2.4-18.17.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-18.17.1 libsamba-hostconfig0-debuginfo-4.2.4-18.17.1 libsamba-passdb0-32bit-4.2.4-18.17.1 libsamba-passdb0-4.2.4-18.17.1 libsamba-passdb0-debuginfo-32bit-4.2.4-18.17.1 libsamba-passdb0-debuginfo-4.2.4-18.17.1 libsamba-util0-32bit-4.2.4-18.17.1 libsamba-util0-4.2.4-18.17.1 libsamba-util0-debuginfo-32bit-4.2.4-18.17.1 libsamba-util0-debuginfo-4.2.4-18.17.1 libsamdb0-32bit-4.2.4-18.17.1 libsamdb0-4.2.4-18.17.1 libsamdb0-debuginfo-32bit-4.2.4-18.17.1 libsamdb0-debuginfo-4.2.4-18.17.1 libsmbclient-raw0-32bit-4.2.4-18.17.1 libsmbclient-raw0-4.2.4-18.17.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-18.17.1 libsmbclient-raw0-debuginfo-4.2.4-18.17.1 libsmbclient0-32bit-4.2.4-18.17.1 libsmbclient0-4.2.4-18.17.1 libsmbclient0-debuginfo-32bit-4.2.4-18.17.1 libsmbclient0-debuginfo-4.2.4-18.17.1 libsmbconf0-32bit-4.2.4-18.17.1 libsmbconf0-4.2.4-18.17.1 libsmbconf0-debuginfo-32bit-4.2.4-18.17.1 libsmbconf0-debuginfo-4.2.4-18.17.1 libsmbldap0-32bit-4.2.4-18.17.1 libsmbldap0-4.2.4-18.17.1 libsmbldap0-debuginfo-32bit-4.2.4-18.17.1 libsmbldap0-debuginfo-4.2.4-18.17.1 libtevent-util0-32bit-4.2.4-18.17.1 libtevent-util0-4.2.4-18.17.1 libtevent-util0-debuginfo-32bit-4.2.4-18.17.1 libtevent-util0-debuginfo-4.2.4-18.17.1 libwbclient0-32bit-4.2.4-18.17.1 libwbclient0-4.2.4-18.17.1 libwbclient0-debuginfo-32bit-4.2.4-18.17.1 libwbclient0-debuginfo-4.2.4-18.17.1 samba-32bit-4.2.4-18.17.1 samba-4.2.4-18.17.1 samba-client-32bit-4.2.4-18.17.1 samba-client-4.2.4-18.17.1 samba-client-debuginfo-32bit-4.2.4-18.17.1 samba-client-debuginfo-4.2.4-18.17.1 samba-debuginfo-32bit-4.2.4-18.17.1 samba-debuginfo-4.2.4-18.17.1 samba-debugsource-4.2.4-18.17.1 samba-libs-32bit-4.2.4-18.17.1 samba-libs-4.2.4-18.17.1 samba-libs-debuginfo-32bit-4.2.4-18.17.1 samba-libs-debuginfo-4.2.4-18.17.1 samba-winbind-32bit-4.2.4-18.17.1 samba-winbind-4.2.4-18.17.1 samba-winbind-debuginfo-32bit-4.2.4-18.17.1 samba-winbind-debuginfo-4.2.4-18.17.1 References: https://www.suse.com/security/cve/CVE-2015-5370.html https://www.suse.com/security/cve/CVE-2016-2110.html https://www.suse.com/security/cve/CVE-2016-2111.html https://www.suse.com/security/cve/CVE-2016-2112.html https://www.suse.com/security/cve/CVE-2016-2113.html https://www.suse.com/security/cve/CVE-2016-2115.html https://www.suse.com/security/cve/CVE-2016-2118.html https://bugzilla.suse.com/320709 https://bugzilla.suse.com/913547 https://bugzilla.suse.com/919309 https://bugzilla.suse.com/924519 https://bugzilla.suse.com/936862 https://bugzilla.suse.com/942716 https://bugzilla.suse.com/946051 https://bugzilla.suse.com/949022 https://bugzilla.suse.com/964023 https://bugzilla.suse.com/966271 https://bugzilla.suse.com/968973 https://bugzilla.suse.com/971965 https://bugzilla.suse.com/972197 https://bugzilla.suse.com/973031 https://bugzilla.suse.com/973032 https://bugzilla.suse.com/973033 https://bugzilla.suse.com/973034 https://bugzilla.suse.com/973036 https://bugzilla.suse.com/973832 https://bugzilla.suse.com/974629 From sle-security-updates at lists.suse.com Tue Apr 12 16:11:55 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 13 Apr 2016 00:11:55 +0200 (CEST) Subject: SUSE-SU-2016:1023-1: important: Security update for samba Message-ID: <20160412221155.EED40FF7B@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1023-1 Rating: important References: #936862 #967017 #971965 #973031 #973032 #973033 #973034 #973036 Cross-References: CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has one errata is now available. Description: samba was updated to fix seven security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862). - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031). - CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032). - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033). - CVE-2016-2113: TLS certificate validation were missing (bsc#973034). - CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036). - CVE-2016-2118: "Badlock" DCERPC impersonation of authenticated account were possible (bsc#971965). These non-security issues were fixed: - bsc#967017: Fix leaking memory in libsmbclient in cli_set_mntpoint function - Getting and setting Windows ACLs on symlinks can change permissions on link Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-samba-12507=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-samba-12507=1 - SUSE Manager 2.1: zypper in -t patch sleman21-samba-12507=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-samba-12507=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-samba-12507=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-samba-12507=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-samba-12507=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-samba-12507=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-samba-12507=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (noarch): samba-doc-3.6.3-76.2 - SUSE OpenStack Cloud 5 (x86_64): ldapsmb-1.34b-76.1 libldb1-3.6.3-76.1 libsmbclient0-3.6.3-76.1 libsmbclient0-32bit-3.6.3-76.1 libtalloc2-3.6.3-76.1 libtalloc2-32bit-3.6.3-76.1 libtdb1-3.6.3-76.1 libtdb1-32bit-3.6.3-76.1 libtevent0-3.6.3-76.1 libtevent0-32bit-3.6.3-76.1 libwbclient0-3.6.3-76.1 libwbclient0-32bit-3.6.3-76.1 samba-3.6.3-76.1 samba-32bit-3.6.3-76.1 samba-client-3.6.3-76.1 samba-client-32bit-3.6.3-76.1 samba-krb-printing-3.6.3-76.1 samba-winbind-3.6.3-76.1 samba-winbind-32bit-3.6.3-76.1 - SUSE Manager Proxy 2.1 (noarch): samba-doc-3.6.3-76.2 - SUSE Manager Proxy 2.1 (x86_64): ldapsmb-1.34b-76.1 libldb1-3.6.3-76.1 libsmbclient0-3.6.3-76.1 libsmbclient0-32bit-3.6.3-76.1 libtalloc2-3.6.3-76.1 libtalloc2-32bit-3.6.3-76.1 libtdb1-3.6.3-76.1 libtdb1-32bit-3.6.3-76.1 libtevent0-3.6.3-76.1 libtevent0-32bit-3.6.3-76.1 libwbclient0-3.6.3-76.1 libwbclient0-32bit-3.6.3-76.1 samba-3.6.3-76.1 samba-32bit-3.6.3-76.1 samba-client-3.6.3-76.1 samba-client-32bit-3.6.3-76.1 samba-krb-printing-3.6.3-76.1 samba-winbind-3.6.3-76.1 samba-winbind-32bit-3.6.3-76.1 - SUSE Manager 2.1 (s390x x86_64): ldapsmb-1.34b-76.1 libldb1-3.6.3-76.1 libsmbclient0-3.6.3-76.1 libsmbclient0-32bit-3.6.3-76.1 libtalloc2-3.6.3-76.1 libtalloc2-32bit-3.6.3-76.1 libtdb1-3.6.3-76.1 libtdb1-32bit-3.6.3-76.1 libtevent0-3.6.3-76.1 libtevent0-32bit-3.6.3-76.1 libwbclient0-3.6.3-76.1 libwbclient0-32bit-3.6.3-76.1 samba-3.6.3-76.1 samba-32bit-3.6.3-76.1 samba-client-3.6.3-76.1 samba-client-32bit-3.6.3-76.1 samba-krb-printing-3.6.3-76.1 samba-winbind-3.6.3-76.1 samba-winbind-32bit-3.6.3-76.1 - SUSE Manager 2.1 (noarch): samba-doc-3.6.3-76.2 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-76.1 libnetapi-devel-3.6.3-76.1 libnetapi0-3.6.3-76.1 libsmbclient-devel-3.6.3-76.1 libsmbsharemodes-devel-3.6.3-76.1 libsmbsharemodes0-3.6.3-76.1 libtalloc-devel-3.6.3-76.1 libtdb-devel-3.6.3-76.1 libtevent-devel-3.6.3-76.1 libwbclient-devel-3.6.3-76.1 samba-devel-3.6.3-76.1 samba-test-3.6.3-76.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 s390x x86_64): libldb-devel-3.6.3-76.1 libnetapi-devel-3.6.3-76.1 libnetapi0-3.6.3-76.1 libsmbclient-devel-3.6.3-76.1 libsmbsharemodes-devel-3.6.3-76.1 libsmbsharemodes0-3.6.3-76.1 libtalloc-devel-3.6.3-76.1 libtdb-devel-3.6.3-76.1 libtevent-devel-3.6.3-76.1 libwbclient-devel-3.6.3-76.1 samba-devel-3.6.3-76.1 samba-test-3.6.3-76.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-76.1 libldb1-3.6.3-76.1 libsmbclient0-3.6.3-76.1 libtalloc2-3.6.3-76.1 libtdb1-3.6.3-76.1 libtevent0-3.6.3-76.1 libwbclient0-3.6.3-76.1 samba-3.6.3-76.1 samba-client-3.6.3-76.1 samba-krb-printing-3.6.3-76.1 samba-winbind-3.6.3-76.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-76.1 libtalloc2-32bit-3.6.3-76.1 libtdb1-32bit-3.6.3-76.1 libtevent0-32bit-3.6.3-76.1 libwbclient0-32bit-3.6.3-76.1 samba-32bit-3.6.3-76.1 samba-client-32bit-3.6.3-76.1 samba-winbind-32bit-3.6.3-76.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): samba-doc-3.6.3-76.2 - SUSE Linux Enterprise Server 11-SP4 (ia64): libsmbclient0-x86-3.6.3-76.1 libtalloc2-x86-3.6.3-76.1 libtdb1-x86-3.6.3-76.1 libtevent0-x86-3.6.3-76.1 libwbclient0-x86-3.6.3-76.1 samba-client-x86-3.6.3-76.1 samba-winbind-x86-3.6.3-76.1 samba-x86-3.6.3-76.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): ldapsmb-1.34b-76.1 libldb1-3.6.3-76.1 libsmbclient0-3.6.3-76.1 libtalloc2-3.6.3-76.1 libtdb1-3.6.3-76.1 libtevent0-3.6.3-76.1 libwbclient0-3.6.3-76.1 samba-3.6.3-76.1 samba-client-3.6.3-76.1 samba-krb-printing-3.6.3-76.1 samba-winbind-3.6.3-76.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x x86_64): libsmbclient0-32bit-3.6.3-76.1 libtalloc2-32bit-3.6.3-76.1 libtdb1-32bit-3.6.3-76.1 libtevent0-32bit-3.6.3-76.1 libwbclient0-32bit-3.6.3-76.1 samba-32bit-3.6.3-76.1 samba-client-32bit-3.6.3-76.1 samba-winbind-32bit-3.6.3-76.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (noarch): samba-doc-3.6.3-76.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): samba-debuginfo-3.6.3-76.1 samba-debugsource-3.6.3-76.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): samba-debuginfo-32bit-3.6.3-76.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): samba-debuginfo-x86-3.6.3-76.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): samba-debuginfo-3.6.3-76.1 samba-debugsource-3.6.3-76.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (s390x): samba-debuginfo-32bit-3.6.3-76.1 References: https://www.suse.com/security/cve/CVE-2015-5370.html https://www.suse.com/security/cve/CVE-2016-2110.html https://www.suse.com/security/cve/CVE-2016-2111.html https://www.suse.com/security/cve/CVE-2016-2112.html https://www.suse.com/security/cve/CVE-2016-2113.html https://www.suse.com/security/cve/CVE-2016-2115.html https://www.suse.com/security/cve/CVE-2016-2118.html https://bugzilla.suse.com/936862 https://bugzilla.suse.com/967017 https://bugzilla.suse.com/971965 https://bugzilla.suse.com/973031 https://bugzilla.suse.com/973032 https://bugzilla.suse.com/973033 https://bugzilla.suse.com/973034 https://bugzilla.suse.com/973036 From sle-security-updates at lists.suse.com Tue Apr 12 16:13:23 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 13 Apr 2016 00:13:23 +0200 (CEST) Subject: SUSE-SU-2016:1024-1: important: Security update for samba Message-ID: <20160412221323.E5115FF3C@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1024-1 Rating: important References: #924519 #936862 #968973 #971965 #972197 #973031 #973032 #973033 #973034 #973036 #973832 #974629 Cross-References: CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise High Availability 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has 5 fixes is now available. Description: samba was updated to fix seven security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862). - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031). - CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032). - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033). - CVE-2016-2113: TLS certificate validation were missing (bsc#973034). - CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036). - CVE-2016-2118: "Badlock" DCERPC impersonation of authenticated account were possible (bsc#971965). These non-security issues were fixed: - bsc#974629: Fix samba.tests.messaging test and prevent potential tdb corruption by removing obsolete now invalid tdb_close call. - bsc#973832: Obsolete libsmbsharemodes0 from samba-libs and libsmbsharemodes-devel from samba-core-devel. - bsc#972197: Obsolete libsmbclient from libsmbclient0 and libpdb-devel from libsamba-passdb-devel while not providing it. - Getting and setting Windows ACLs on symlinks can change permissions on link - bsc#924519: Upgrade on-disk FSRVP server state to new version. - bsc#968973: Only obsolete but do not provide gplv2/3 package names. - bso#6482: s3:utils/smbget: Fix recursive download. - bso#10489: s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystem with no ACL support. - bso#11643: docs: Add example for domain logins to smbspool man page. - bso#11690: s3-client: Add a KRB5 wrapper for smbspool. - bso#11708: loadparm: Fix memory leak issue. - bso#11714: lib/tsocket: Work around sockets not supporting FIONREAD. - bso#11719: ctdb-scripts: Drop use of "smbcontrol winbindd ip-dropped ...". - bso#11727: s3:smbd:open: Skip redundant call to file_set_dosmode when creating a new file. - bso#11732: param: Fix str_list_v3 to accept ";" again. - bso#11740: Real memeory leak(buildup) issue in loadparm. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-604=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-604=1 - SUSE Linux Enterprise High Availability 12-SP1: zypper in -t patch SUSE-SLE-HA-12-SP1-2016-604=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-604=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): ctdb-debuginfo-4.2.4-16.1 ctdb-devel-4.2.4-16.1 libdcerpc-atsvc-devel-4.2.4-16.1 libdcerpc-atsvc0-4.2.4-16.1 libdcerpc-atsvc0-debuginfo-4.2.4-16.1 libdcerpc-devel-4.2.4-16.1 libdcerpc-samr-devel-4.2.4-16.1 libdcerpc-samr0-4.2.4-16.1 libdcerpc-samr0-debuginfo-4.2.4-16.1 libgensec-devel-4.2.4-16.1 libndr-devel-4.2.4-16.1 libndr-krb5pac-devel-4.2.4-16.1 libndr-nbt-devel-4.2.4-16.1 libndr-standard-devel-4.2.4-16.1 libnetapi-devel-4.2.4-16.1 libregistry-devel-4.2.4-16.1 libsamba-credentials-devel-4.2.4-16.1 libsamba-hostconfig-devel-4.2.4-16.1 libsamba-passdb-devel-4.2.4-16.1 libsamba-policy-devel-4.2.4-16.1 libsamba-policy0-4.2.4-16.1 libsamba-policy0-debuginfo-4.2.4-16.1 libsamba-util-devel-4.2.4-16.1 libsamdb-devel-4.2.4-16.1 libsmbclient-devel-4.2.4-16.1 libsmbclient-raw-devel-4.2.4-16.1 libsmbconf-devel-4.2.4-16.1 libsmbldap-devel-4.2.4-16.1 libtevent-util-devel-4.2.4-16.1 libwbclient-devel-4.2.4-16.1 samba-core-devel-4.2.4-16.1 samba-debuginfo-4.2.4-16.1 samba-debugsource-4.2.4-16.1 samba-test-devel-4.2.4-16.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libdcerpc-binding0-4.2.4-16.1 libdcerpc-binding0-debuginfo-4.2.4-16.1 libdcerpc0-4.2.4-16.1 libdcerpc0-debuginfo-4.2.4-16.1 libgensec0-4.2.4-16.1 libgensec0-debuginfo-4.2.4-16.1 libndr-krb5pac0-4.2.4-16.1 libndr-krb5pac0-debuginfo-4.2.4-16.1 libndr-nbt0-4.2.4-16.1 libndr-nbt0-debuginfo-4.2.4-16.1 libndr-standard0-4.2.4-16.1 libndr-standard0-debuginfo-4.2.4-16.1 libndr0-4.2.4-16.1 libndr0-debuginfo-4.2.4-16.1 libnetapi0-4.2.4-16.1 libnetapi0-debuginfo-4.2.4-16.1 libregistry0-4.2.4-16.1 libregistry0-debuginfo-4.2.4-16.1 libsamba-credentials0-4.2.4-16.1 libsamba-credentials0-debuginfo-4.2.4-16.1 libsamba-hostconfig0-4.2.4-16.1 libsamba-hostconfig0-debuginfo-4.2.4-16.1 libsamba-passdb0-4.2.4-16.1 libsamba-passdb0-debuginfo-4.2.4-16.1 libsamba-util0-4.2.4-16.1 libsamba-util0-debuginfo-4.2.4-16.1 libsamdb0-4.2.4-16.1 libsamdb0-debuginfo-4.2.4-16.1 libsmbclient-raw0-4.2.4-16.1 libsmbclient-raw0-debuginfo-4.2.4-16.1 libsmbclient0-4.2.4-16.1 libsmbclient0-debuginfo-4.2.4-16.1 libsmbconf0-4.2.4-16.1 libsmbconf0-debuginfo-4.2.4-16.1 libsmbldap0-4.2.4-16.1 libsmbldap0-debuginfo-4.2.4-16.1 libtevent-util0-4.2.4-16.1 libtevent-util0-debuginfo-4.2.4-16.1 libwbclient0-4.2.4-16.1 libwbclient0-debuginfo-4.2.4-16.1 samba-4.2.4-16.1 samba-client-4.2.4-16.1 samba-client-debuginfo-4.2.4-16.1 samba-debuginfo-4.2.4-16.1 samba-debugsource-4.2.4-16.1 samba-libs-4.2.4-16.1 samba-libs-debuginfo-4.2.4-16.1 samba-winbind-4.2.4-16.1 samba-winbind-debuginfo-4.2.4-16.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libdcerpc-binding0-32bit-4.2.4-16.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-16.1 libdcerpc0-32bit-4.2.4-16.1 libdcerpc0-debuginfo-32bit-4.2.4-16.1 libgensec0-32bit-4.2.4-16.1 libgensec0-debuginfo-32bit-4.2.4-16.1 libndr-krb5pac0-32bit-4.2.4-16.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-16.1 libndr-nbt0-32bit-4.2.4-16.1 libndr-nbt0-debuginfo-32bit-4.2.4-16.1 libndr-standard0-32bit-4.2.4-16.1 libndr-standard0-debuginfo-32bit-4.2.4-16.1 libndr0-32bit-4.2.4-16.1 libndr0-debuginfo-32bit-4.2.4-16.1 libnetapi0-32bit-4.2.4-16.1 libnetapi0-debuginfo-32bit-4.2.4-16.1 libsamba-credentials0-32bit-4.2.4-16.1 libsamba-credentials0-debuginfo-32bit-4.2.4-16.1 libsamba-hostconfig0-32bit-4.2.4-16.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-16.1 libsamba-passdb0-32bit-4.2.4-16.1 libsamba-passdb0-debuginfo-32bit-4.2.4-16.1 libsamba-util0-32bit-4.2.4-16.1 libsamba-util0-debuginfo-32bit-4.2.4-16.1 libsamdb0-32bit-4.2.4-16.1 libsamdb0-debuginfo-32bit-4.2.4-16.1 libsmbclient-raw0-32bit-4.2.4-16.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-16.1 libsmbclient0-32bit-4.2.4-16.1 libsmbclient0-debuginfo-32bit-4.2.4-16.1 libsmbconf0-32bit-4.2.4-16.1 libsmbconf0-debuginfo-32bit-4.2.4-16.1 libsmbldap0-32bit-4.2.4-16.1 libsmbldap0-debuginfo-32bit-4.2.4-16.1 libtevent-util0-32bit-4.2.4-16.1 libtevent-util0-debuginfo-32bit-4.2.4-16.1 libwbclient0-32bit-4.2.4-16.1 libwbclient0-debuginfo-32bit-4.2.4-16.1 samba-32bit-4.2.4-16.1 samba-client-32bit-4.2.4-16.1 samba-client-debuginfo-32bit-4.2.4-16.1 samba-debuginfo-32bit-4.2.4-16.1 samba-libs-32bit-4.2.4-16.1 samba-libs-debuginfo-32bit-4.2.4-16.1 samba-winbind-32bit-4.2.4-16.1 samba-winbind-debuginfo-32bit-4.2.4-16.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): samba-doc-4.2.4-16.1 - SUSE Linux Enterprise High Availability 12-SP1 (s390x x86_64): ctdb-4.2.4-16.1 ctdb-debuginfo-4.2.4-16.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libdcerpc-binding0-32bit-4.2.4-16.1 libdcerpc-binding0-4.2.4-16.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-16.1 libdcerpc-binding0-debuginfo-4.2.4-16.1 libdcerpc0-32bit-4.2.4-16.1 libdcerpc0-4.2.4-16.1 libdcerpc0-debuginfo-32bit-4.2.4-16.1 libdcerpc0-debuginfo-4.2.4-16.1 libgensec0-32bit-4.2.4-16.1 libgensec0-4.2.4-16.1 libgensec0-debuginfo-32bit-4.2.4-16.1 libgensec0-debuginfo-4.2.4-16.1 libndr-krb5pac0-32bit-4.2.4-16.1 libndr-krb5pac0-4.2.4-16.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-16.1 libndr-krb5pac0-debuginfo-4.2.4-16.1 libndr-nbt0-32bit-4.2.4-16.1 libndr-nbt0-4.2.4-16.1 libndr-nbt0-debuginfo-32bit-4.2.4-16.1 libndr-nbt0-debuginfo-4.2.4-16.1 libndr-standard0-32bit-4.2.4-16.1 libndr-standard0-4.2.4-16.1 libndr-standard0-debuginfo-32bit-4.2.4-16.1 libndr-standard0-debuginfo-4.2.4-16.1 libndr0-32bit-4.2.4-16.1 libndr0-4.2.4-16.1 libndr0-debuginfo-32bit-4.2.4-16.1 libndr0-debuginfo-4.2.4-16.1 libnetapi0-32bit-4.2.4-16.1 libnetapi0-4.2.4-16.1 libnetapi0-debuginfo-32bit-4.2.4-16.1 libnetapi0-debuginfo-4.2.4-16.1 libregistry0-4.2.4-16.1 libregistry0-debuginfo-4.2.4-16.1 libsamba-credentials0-32bit-4.2.4-16.1 libsamba-credentials0-4.2.4-16.1 libsamba-credentials0-debuginfo-32bit-4.2.4-16.1 libsamba-credentials0-debuginfo-4.2.4-16.1 libsamba-hostconfig0-32bit-4.2.4-16.1 libsamba-hostconfig0-4.2.4-16.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-16.1 libsamba-hostconfig0-debuginfo-4.2.4-16.1 libsamba-passdb0-32bit-4.2.4-16.1 libsamba-passdb0-4.2.4-16.1 libsamba-passdb0-debuginfo-32bit-4.2.4-16.1 libsamba-passdb0-debuginfo-4.2.4-16.1 libsamba-util0-32bit-4.2.4-16.1 libsamba-util0-4.2.4-16.1 libsamba-util0-debuginfo-32bit-4.2.4-16.1 libsamba-util0-debuginfo-4.2.4-16.1 libsamdb0-32bit-4.2.4-16.1 libsamdb0-4.2.4-16.1 libsamdb0-debuginfo-32bit-4.2.4-16.1 libsamdb0-debuginfo-4.2.4-16.1 libsmbclient-raw0-32bit-4.2.4-16.1 libsmbclient-raw0-4.2.4-16.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-16.1 libsmbclient-raw0-debuginfo-4.2.4-16.1 libsmbclient0-32bit-4.2.4-16.1 libsmbclient0-4.2.4-16.1 libsmbclient0-debuginfo-32bit-4.2.4-16.1 libsmbclient0-debuginfo-4.2.4-16.1 libsmbconf0-32bit-4.2.4-16.1 libsmbconf0-4.2.4-16.1 libsmbconf0-debuginfo-32bit-4.2.4-16.1 libsmbconf0-debuginfo-4.2.4-16.1 libsmbldap0-32bit-4.2.4-16.1 libsmbldap0-4.2.4-16.1 libsmbldap0-debuginfo-32bit-4.2.4-16.1 libsmbldap0-debuginfo-4.2.4-16.1 libtevent-util0-32bit-4.2.4-16.1 libtevent-util0-4.2.4-16.1 libtevent-util0-debuginfo-32bit-4.2.4-16.1 libtevent-util0-debuginfo-4.2.4-16.1 libwbclient0-32bit-4.2.4-16.1 libwbclient0-4.2.4-16.1 libwbclient0-debuginfo-32bit-4.2.4-16.1 libwbclient0-debuginfo-4.2.4-16.1 samba-32bit-4.2.4-16.1 samba-4.2.4-16.1 samba-client-32bit-4.2.4-16.1 samba-client-4.2.4-16.1 samba-client-debuginfo-32bit-4.2.4-16.1 samba-client-debuginfo-4.2.4-16.1 samba-debuginfo-32bit-4.2.4-16.1 samba-debuginfo-4.2.4-16.1 samba-debugsource-4.2.4-16.1 samba-libs-32bit-4.2.4-16.1 samba-libs-4.2.4-16.1 samba-libs-debuginfo-32bit-4.2.4-16.1 samba-libs-debuginfo-4.2.4-16.1 samba-winbind-32bit-4.2.4-16.1 samba-winbind-4.2.4-16.1 samba-winbind-debuginfo-32bit-4.2.4-16.1 samba-winbind-debuginfo-4.2.4-16.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): samba-doc-4.2.4-16.1 References: https://www.suse.com/security/cve/CVE-2015-5370.html https://www.suse.com/security/cve/CVE-2016-2110.html https://www.suse.com/security/cve/CVE-2016-2111.html https://www.suse.com/security/cve/CVE-2016-2112.html https://www.suse.com/security/cve/CVE-2016-2113.html https://www.suse.com/security/cve/CVE-2016-2115.html https://www.suse.com/security/cve/CVE-2016-2118.html https://bugzilla.suse.com/924519 https://bugzilla.suse.com/936862 https://bugzilla.suse.com/968973 https://bugzilla.suse.com/971965 https://bugzilla.suse.com/972197 https://bugzilla.suse.com/973031 https://bugzilla.suse.com/973032 https://bugzilla.suse.com/973033 https://bugzilla.suse.com/973034 https://bugzilla.suse.com/973036 https://bugzilla.suse.com/973832 https://bugzilla.suse.com/974629 From sle-security-updates at lists.suse.com Wed Apr 13 07:08:06 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 13 Apr 2016 15:08:06 +0200 (CEST) Subject: SUSE-SU-2016:1026-1: moderate: Security update for xerces-c Message-ID: <20160413130806.81769FF3C@maintenance.suse.de> SUSE Security Update: Security update for xerces-c ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1026-1 Rating: moderate References: #966822 Cross-References: CVE-2016-0729 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for xerces-c fixes the following security issue: - CVE-2016-0729: Fixed mishandling certain kinds of malformed input documents, that resulted in buffer overlows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. (bsc#966822) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-606=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-606=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-606=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-606=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-606=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libxerces-c-3_1-3.1.1-7.1 libxerces-c-3_1-32bit-3.1.1-7.1 libxerces-c-3_1-debuginfo-3.1.1-7.1 libxerces-c-3_1-debuginfo-32bit-3.1.1-7.1 xerces-c-debuginfo-3.1.1-7.1 xerces-c-debugsource-3.1.1-7.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libxerces-c-devel-3.1.1-7.1 xerces-c-debuginfo-3.1.1-7.1 xerces-c-debugsource-3.1.1-7.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libxerces-c-3_1-3.1.1-7.1 libxerces-c-3_1-debuginfo-3.1.1-7.1 xerces-c-debuginfo-3.1.1-7.1 xerces-c-debugsource-3.1.1-7.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libxerces-c-3_1-32bit-3.1.1-7.1 libxerces-c-3_1-debuginfo-32bit-3.1.1-7.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libxerces-c-3_1-3.1.1-7.1 libxerces-c-3_1-32bit-3.1.1-7.1 libxerces-c-3_1-debuginfo-3.1.1-7.1 libxerces-c-3_1-debuginfo-32bit-3.1.1-7.1 xerces-c-debuginfo-3.1.1-7.1 xerces-c-debugsource-3.1.1-7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libxerces-c-3_1-3.1.1-7.1 libxerces-c-3_1-32bit-3.1.1-7.1 libxerces-c-3_1-debuginfo-3.1.1-7.1 libxerces-c-3_1-debuginfo-32bit-3.1.1-7.1 xerces-c-debuginfo-3.1.1-7.1 xerces-c-debugsource-3.1.1-7.1 References: https://www.suse.com/security/cve/CVE-2016-0729.html https://bugzilla.suse.com/966822 From sle-security-updates at lists.suse.com Wed Apr 13 12:07:50 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 13 Apr 2016 20:07:50 +0200 (CEST) Subject: SUSE-SU-2016:1028-1: important: Security update for samba Message-ID: <20160413180750.2D258FF7B@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1028-1 Rating: important References: #936862 #967017 #971965 #973031 #973032 #973033 #973034 #973036 Cross-References: CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 Affected Products: SUSE Linux Enterprise Server 11-SP2-LTSS SUSE Linux Enterprise Debuginfo 11-SP2 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has one errata is now available. Description: samba was updated to fix seven security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862). - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031). - CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032). - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033). - CVE-2016-2113: TLS certificate validation were missing (bsc#973034). - CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036). - CVE-2016-2118: "Badlock" DCERPC impersonation of authenticated account were possible (bsc#971965). These non-security issues were fixed: - bsc#967017: Fix leaking memory in libsmbclient in cli_set_mntpoint function - Getting and setting Windows ACLs on symlinks can change permissions on link Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-samba-12508=1 - SUSE Linux Enterprise Debuginfo 11-SP2: zypper in -t patch dbgsp2-samba-12508=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64): ldapsmb-1.34b-52.1 libldb1-3.6.3-52.1 libsmbclient0-3.6.3-52.1 libtalloc2-3.6.3-52.1 libtdb1-3.6.3-52.1 libtevent0-3.6.3-52.1 libwbclient0-3.6.3-52.1 samba-3.6.3-52.1 samba-client-3.6.3-52.1 samba-krb-printing-3.6.3-52.1 samba-winbind-3.6.3-52.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (s390x x86_64): libsmbclient0-32bit-3.6.3-52.1 libtalloc2-32bit-3.6.3-52.1 libtdb1-32bit-3.6.3-52.1 libtevent0-32bit-3.6.3-52.1 libwbclient0-32bit-3.6.3-52.1 samba-32bit-3.6.3-52.1 samba-client-32bit-3.6.3-52.1 samba-winbind-32bit-3.6.3-52.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (noarch): samba-doc-3.6.3-52.1 - SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64): samba-debuginfo-3.6.3-52.1 samba-debugsource-3.6.3-52.1 - SUSE Linux Enterprise Debuginfo 11-SP2 (s390x x86_64): samba-debuginfo-32bit-3.6.3-52.1 References: https://www.suse.com/security/cve/CVE-2015-5370.html https://www.suse.com/security/cve/CVE-2016-2110.html https://www.suse.com/security/cve/CVE-2016-2111.html https://www.suse.com/security/cve/CVE-2016-2112.html https://www.suse.com/security/cve/CVE-2016-2113.html https://www.suse.com/security/cve/CVE-2016-2115.html https://www.suse.com/security/cve/CVE-2016-2118.html https://bugzilla.suse.com/936862 https://bugzilla.suse.com/967017 https://bugzilla.suse.com/971965 https://bugzilla.suse.com/973031 https://bugzilla.suse.com/973032 https://bugzilla.suse.com/973033 https://bugzilla.suse.com/973034 https://bugzilla.suse.com/973036 From sle-security-updates at lists.suse.com Thu Apr 14 09:08:01 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 14 Apr 2016 17:08:01 +0200 (CEST) Subject: SUSE-SU-2016:1031-1: important: Security update for Linux Kernel Live Patch 0 for SP 1 Message-ID: <20160414150801.1ED0BFF63@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 0 for SP 1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1031-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.49-11.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-610=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_49-11-default-4-11.2 kgraft-patch-3_12_49-11-xen-4-11.2 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Thu Apr 14 09:09:06 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 14 Apr 2016 17:09:06 +0200 (CEST) Subject: SUSE-SU-2016:1032-1: important: Security update for Linux Kernel Live Patch 1 for SP 1 Message-ID: <20160414150906.4FA21FF4F@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 1 for SP 1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1032-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.51-60.20.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-611=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-60_20-default-4-2.1 kgraft-patch-3_12_51-60_20-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Thu Apr 14 09:09:56 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 14 Apr 2016 17:09:56 +0200 (CEST) Subject: SUSE-SU-2016:1033-1: important: Security update for Linux Kernel Live Patch 3 for SP 1 Message-ID: <20160414150956.40698FF4F@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 3 for SP 1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1033-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.53-60.30.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-613=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_53-60_30-default-2-2.1 kgraft-patch-3_12_53-60_30-xen-2-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Thu Apr 14 09:10:58 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 14 Apr 2016 17:10:58 +0200 (CEST) Subject: SUSE-SU-2016:1034-1: important: Security update for Linux Kernel Live Patch 11 Message-ID: <20160414151058.39B25FF4F@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 11 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1034-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.51-52.39.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-609=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-52_39-default-3-2.1 kgraft-patch-3_12_51-52_39-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Thu Apr 14 09:11:57 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 14 Apr 2016 17:11:57 +0200 (CEST) Subject: SUSE-SU-2016:1035-1: important: Security update for Linux Kernel Live Patch 2 for SP 1 Message-ID: <20160414151157.3B253FF4F@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 2 for SP 1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1035-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.51-60.25.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-612=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-60_25-default-3-2.1 kgraft-patch-3_12_51-60_25-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Thu Apr 14 12:07:58 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 14 Apr 2016 20:07:58 +0200 (CEST) Subject: SUSE-SU-2016:1037-1: important: Security update for Linux Kernel Live Patch 7 Message-ID: <20160414180758.81721FF50@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 7 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1037-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.44-52.18.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-617=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_44-52_18-default-5-2.1 kgraft-patch-3_12_44-52_18-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Thu Apr 14 12:08:45 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 14 Apr 2016 20:08:45 +0200 (CEST) Subject: SUSE-SU-2016:1038-1: important: Security update for Linux Kernel Live Patch 6 Message-ID: <20160414180845.3A582FF4F@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 6 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1038-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.44-52.10.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-616=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_44-52_10-default-5-2.1 kgraft-patch-3_12_44-52_10-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Thu Apr 14 12:09:35 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 14 Apr 2016 20:09:35 +0200 (CEST) Subject: SUSE-SU-2016:1039-1: important: Security update for Linux Kernel Live Patch 9 Message-ID: <20160414180935.0E77DFF4F@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 9 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1039-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.51-52.31.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-619=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-52_31-default-4-2.1 kgraft-patch-3_12_51-52_31-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Thu Apr 14 12:10:22 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 14 Apr 2016 20:10:22 +0200 (CEST) Subject: SUSE-SU-2016:1040-1: important: Security update for Linux Kernel Live Patch 4 Message-ID: <20160414181022.41746FF4F@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 4 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1040-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.39-47.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-615=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_39-47-default-6-2.1 kgraft-patch-3_12_39-47-xen-6-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Thu Apr 14 12:11:20 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 14 Apr 2016 20:11:20 +0200 (CEST) Subject: SUSE-SU-2016:1041-1: important: Security update for Linux Kernel Live Patch 8 Message-ID: <20160414181120.E8ABEFF4F@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 8 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1041-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.48-52.27.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-618=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_48-52_27-default-4-2.1 kgraft-patch-3_12_48-52_27-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Fri Apr 15 07:07:57 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 15 Apr 2016 15:07:57 +0200 (CEST) Subject: SUSE-SU-2016:1045-1: important: Security update for Linux Kernel Live Patch 10 Message-ID: <20160415130757.EB42AFF79@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 10 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1045-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.51-52.34.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-622=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-52_34-default-4-2.1 kgraft-patch-3_12_51-52_34-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Fri Apr 15 07:08:49 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 15 Apr 2016 15:08:49 +0200 (CEST) Subject: SUSE-SU-2016:1046-1: important: Security update for Linux Kernel Live Patch 5 Message-ID: <20160415130849.2C8F0FF50@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1046-1 Rating: important References: #960563 #964732 #966683 #967773 Cross-References: CVE-2015-8709 CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.43-52.6.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#967773) - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966683) - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964732). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." (bsc#960563) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-623=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_43-52_6-default-6-2.1 kgraft-patch-3_12_43-52_6-xen-6-2.1 References: https://www.suse.com/security/cve/CVE-2015-8709.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0774.html https://www.suse.com/security/cve/CVE-2016-2384.html https://bugzilla.suse.com/960563 https://bugzilla.suse.com/964732 https://bugzilla.suse.com/966683 https://bugzilla.suse.com/967773 From sle-security-updates at lists.suse.com Fri Apr 15 13:09:44 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 15 Apr 2016 21:09:44 +0200 (CEST) Subject: SUSE-SU-2016:1057-1: important: Security update for openssl Message-ID: <20160415190944.04729FF58@maintenance.suse.de> SUSE Security Update: Security update for openssl ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1057-1 Rating: important References: #952871 #963415 #967787 #968046 #968047 #968048 #968051 #968053 #968374 Cross-References: CVE-2015-3197 CVE-2016-0702 CVE-2016-0703 CVE-2016-0705 CVE-2016-0797 CVE-2016-0799 CVE-2016-0800 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has two fixes is now available. Description: This update for openssl fixes various security issues and bugs: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack (bsc#968046): OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. This update changes the openssl library to: * Disable SSLv2 protocol support by default. This can be overridden by setting the environment variable "OPENSSL_ALLOW_SSL2" or by using SSL_CTX_clear_options using the SSL_OP_NO_SSLv2 flag. Note that various services and clients had already disabled SSL protocol 2 by default previously. * Disable all weak EXPORT ciphers by default. These can be reenabled if required by old legacy software using the environment variable "OPENSSL_ALLOW_EXPORT". - CVE-2016-0705 (bnc#968047): A double free() bug in the DSA ASN1 parser code was fixed that could be abused to facilitate a denial-of-service attack. - CVE-2016-0797 (bnc#968048): The BN_hex2bn() and BN_dec2bn() functions had a bug that could result in an attempt to de-reference a NULL pointer leading to crashes. This could have security consequences if these functions were ever called by user applications with large untrusted hex/decimal data. Also, internal usage of these functions in OpenSSL uses data from config files or application command line arguments. If user developed applications generated config file data based on untrusted data, then this could have had security consequences as well. - CVE-2016-0799 (bnc#968374) On many 64 bit systems, the internal fmtstr() and doapr_outch() functions could miscalculate the length of a string and attempt to access out-of-bounds memory locations. These problems could have enabled attacks where large amounts of untrusted data is passed to the BIO_*printf functions. If applications use these functions in this way then they could have been vulnerable. OpenSSL itself uses these functions when printing out human-readable dumps of ASN.1 data. Therefore applications that print this data could have been vulnerable if the data is from untrusted sources. OpenSSL command line applications could also have been vulnerable when they print out ASN.1 data, or if untrusted data is passed as command line arguments. Libssl is not considered directly vulnerable. - CVE-2015-3197 (bsc#963415): The SSLv2 protocol did not block disabled ciphers. Note that the March 1st 2016 release also references following CVEs that were fixed by us with CVE-2015-0293 in 2015: - CVE-2016-0703 (bsc#968051): This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address vulnerability CVE-2015-0293. It would have made the above "DROWN" attack much easier. - CVE-2016-0704 (bsc#968053): "Bleichenbacher oracle in SSLv2" This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address vulnerability CVE-2015-0293. It would have made the above "DROWN" attack much easier. Also fixes the following bug: - Avoid running OPENSSL_config twice. This avoids breaking engine loading and also fixes a memory leak in libssl. (bsc#952871 bsc#967787) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openssl-12511=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-openssl-12511=1 - SUSE Manager 2.1: zypper in -t patch sleman21-openssl-12511=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): libopenssl-devel-0.9.8j-0.91.1 libopenssl0_9_8-0.9.8j-0.91.1 libopenssl0_9_8-32bit-0.9.8j-0.91.1 libopenssl0_9_8-hmac-0.9.8j-0.91.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.91.1 openssl-0.9.8j-0.91.1 openssl-doc-0.9.8j-0.91.1 - SUSE Manager Proxy 2.1 (x86_64): libopenssl-devel-0.9.8j-0.91.1 libopenssl0_9_8-0.9.8j-0.91.1 libopenssl0_9_8-32bit-0.9.8j-0.91.1 libopenssl0_9_8-hmac-0.9.8j-0.91.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.91.1 openssl-0.9.8j-0.91.1 openssl-doc-0.9.8j-0.91.1 - SUSE Manager 2.1 (s390x x86_64): libopenssl-devel-0.9.8j-0.91.1 libopenssl0_9_8-0.9.8j-0.91.1 libopenssl0_9_8-32bit-0.9.8j-0.91.1 libopenssl0_9_8-hmac-0.9.8j-0.91.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.91.1 openssl-0.9.8j-0.91.1 openssl-doc-0.9.8j-0.91.1 References: https://www.suse.com/security/cve/CVE-2015-3197.html https://www.suse.com/security/cve/CVE-2016-0702.html https://www.suse.com/security/cve/CVE-2016-0703.html https://www.suse.com/security/cve/CVE-2016-0705.html https://www.suse.com/security/cve/CVE-2016-0797.html https://www.suse.com/security/cve/CVE-2016-0799.html https://www.suse.com/security/cve/CVE-2016-0800.html https://bugzilla.suse.com/952871 https://bugzilla.suse.com/963415 https://bugzilla.suse.com/967787 https://bugzilla.suse.com/968046 https://bugzilla.suse.com/968047 https://bugzilla.suse.com/968048 https://bugzilla.suse.com/968051 https://bugzilla.suse.com/968053 https://bugzilla.suse.com/968374 From sle-security-updates at lists.suse.com Sun Apr 17 05:07:55 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Sun, 17 Apr 2016 13:07:55 +0200 (CEST) Subject: SUSE-SU-2016:1060-1: important: Security update for Chromium Message-ID: <20160417110755.AD665FF63@maintenance.suse.de> SUSE Security Update: Security update for Chromium ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1060-1 Rating: important References: #975572 Cross-References: CVE-2016-1651 CVE-2016-1652 CVE-2016-1653 CVE-2016-1654 CVE-2016-1655 CVE-2016-1656 CVE-2016-1657 CVE-2016-1658 CVE-2016-1659 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities: - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding - CVE-2016-1652: Universal XSS in extension bindings - CVE-2016-1653: Out-of-bounds write in V8 - CVE-2016-1654: Uninitialized memory read in media - CVE-2016-1655: Use-after-free related to extensions - CVE-2016-1656: Android downloaded file path restriction bypass - CVE-2016-1657: Address bar spoofing - CVE-2016-1658: Potential leak of sensitive information to malicious extensions - CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch 4965=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64): chromedriver-50.0.2661.75-68.1 chromedriver-debuginfo-50.0.2661.75-68.1 chromium-50.0.2661.75-68.1 chromium-debuginfo-50.0.2661.75-68.1 chromium-debugsource-50.0.2661.75-68.1 chromium-desktop-gnome-50.0.2661.75-68.1 chromium-desktop-kde-50.0.2661.75-68.1 chromium-ffmpegsumo-50.0.2661.75-68.1 chromium-ffmpegsumo-debuginfo-50.0.2661.75-68.1 References: https://www.suse.com/security/cve/CVE-2016-1651.html https://www.suse.com/security/cve/CVE-2016-1652.html https://www.suse.com/security/cve/CVE-2016-1653.html https://www.suse.com/security/cve/CVE-2016-1654.html https://www.suse.com/security/cve/CVE-2016-1655.html https://www.suse.com/security/cve/CVE-2016-1656.html https://www.suse.com/security/cve/CVE-2016-1657.html https://www.suse.com/security/cve/CVE-2016-1658.html https://www.suse.com/security/cve/CVE-2016-1659.html https://bugzilla.suse.com/975572 From sle-security-updates at lists.suse.com Mon Apr 18 05:08:10 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 18 Apr 2016 13:08:10 +0200 (CEST) Subject: SUSE-SU-2016:1088-1: moderate: Security update for krb5 Message-ID: <20160418110810.20BEBFF4D@maintenance.suse.de> SUSE Security Update: Security update for krb5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1088-1 Rating: moderate References: #971942 Cross-References: CVE-2016-3119 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for krb5 fixes the following security issue: - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a null pointer by supplying an empty DB argument to the modify_principal command, if kadmind is configured to use the LDAP KDB module. (bsc#971942) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-krb5-12512=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-krb5-12512=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-krb5-12512=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): krb5-devel-1.6.3-133.49.109.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): krb5-devel-32bit-1.6.3-133.49.109.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): krb5-server-1.6.3-133.49.109.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): krb5-1.6.3-133.49.109.1 krb5-apps-clients-1.6.3-133.49.109.1 krb5-apps-servers-1.6.3-133.49.109.1 krb5-client-1.6.3-133.49.109.1 krb5-server-1.6.3-133.49.109.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): krb5-32bit-1.6.3-133.49.109.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): krb5-x86-1.6.3-133.49.109.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): krb5-debuginfo-1.6.3-133.49.109.1 krb5-debugsource-1.6.3-133.49.109.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): krb5-debuginfo-32bit-1.6.3-133.49.109.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): krb5-debuginfo-x86-1.6.3-133.49.109.1 References: https://www.suse.com/security/cve/CVE-2016-3119.html https://bugzilla.suse.com/971942 From sle-security-updates at lists.suse.com Mon Apr 18 05:08:32 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 18 Apr 2016 13:08:32 +0200 (CEST) Subject: SUSE-SU-2016:1089-1: moderate: Security update for libgcrypt Message-ID: <20160418110832.0AD3AFF4F@maintenance.suse.de> SUSE Security Update: Security update for libgcrypt ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1089-1 Rating: moderate References: #965902 Cross-References: CVE-2015-7511 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: libgcrypt was updated to fix one security issue. This security issue was fixed: - CVE-2015-7511: Side-channel attack on ECDH with Weierstrass curves (bsc#965902). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-636=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-636=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-636=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-636=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-636=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-636=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libgcrypt-debugsource-1.6.1-16.27.1 libgcrypt-devel-1.6.1-16.27.1 libgcrypt-devel-debuginfo-1.6.1-16.27.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libgcrypt-debugsource-1.6.1-16.27.1 libgcrypt-devel-1.6.1-16.27.1 libgcrypt-devel-debuginfo-1.6.1-16.27.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libgcrypt-debugsource-1.6.1-16.27.1 libgcrypt20-1.6.1-16.27.1 libgcrypt20-debuginfo-1.6.1-16.27.1 libgcrypt20-hmac-1.6.1-16.27.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libgcrypt20-32bit-1.6.1-16.27.1 libgcrypt20-debuginfo-32bit-1.6.1-16.27.1 libgcrypt20-hmac-32bit-1.6.1-16.27.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libgcrypt-debugsource-1.6.1-16.27.1 libgcrypt20-1.6.1-16.27.1 libgcrypt20-debuginfo-1.6.1-16.27.1 libgcrypt20-hmac-1.6.1-16.27.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libgcrypt20-32bit-1.6.1-16.27.1 libgcrypt20-debuginfo-32bit-1.6.1-16.27.1 libgcrypt20-hmac-32bit-1.6.1-16.27.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libgcrypt-debugsource-1.6.1-16.27.1 libgcrypt20-1.6.1-16.27.1 libgcrypt20-32bit-1.6.1-16.27.1 libgcrypt20-debuginfo-1.6.1-16.27.1 libgcrypt20-debuginfo-32bit-1.6.1-16.27.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libgcrypt-debugsource-1.6.1-16.27.1 libgcrypt20-1.6.1-16.27.1 libgcrypt20-32bit-1.6.1-16.27.1 libgcrypt20-debuginfo-1.6.1-16.27.1 libgcrypt20-debuginfo-32bit-1.6.1-16.27.1 References: https://www.suse.com/security/cve/CVE-2015-7511.html https://bugzilla.suse.com/965902 From sle-security-updates at lists.suse.com Mon Apr 18 08:08:05 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 18 Apr 2016 16:08:05 +0200 (CEST) Subject: SUSE-SU-2016:1090-1: moderate: Security update for icu Message-ID: <20160418140805.37AFCFF4F@maintenance.suse.de> SUSE Security Update: Security update for icu ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1090-1 Rating: moderate References: #952260 Cross-References: CVE-2014-9654 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for icu fixes the following issue: The previous patch for CVE-2014-9654 was incorrect and lead to non-working regular expressions. This update fixes this problem (bsc#952260) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-icu-12513=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-icu-12513=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libicu-devel-4.0-38.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libicu-devel-32bit-4.0-38.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): icu-4.0-38.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (x86_64): libicu-32bit-4.0-38.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libicu-4.0-38.1 libicu-doc-4.0-38.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libicu-32bit-4.0-38.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libicu-x86-4.0-38.1 References: https://www.suse.com/security/cve/CVE-2014-9654.html https://bugzilla.suse.com/952260 From sle-security-updates at lists.suse.com Mon Apr 18 09:08:18 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 18 Apr 2016 17:08:18 +0200 (CEST) Subject: SUSE-SU-2016:1091-1: moderate: Security update for lhasa Message-ID: <20160418150818.91F68FF50@maintenance.suse.de> SUSE Security Update: Security update for lhasa ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1091-1 Rating: moderate References: #973790 Cross-References: CVE-2016-2347 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: lhasa was updated to fix one security issue. This security issue was fixed: - CVE-2016-2347: decode_level3_header heap corruption vulnerability (bsc#973790). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-639=1 - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-639=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-639=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-639=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-639=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-639=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): lhasa-0.2.0-5.1 lhasa-debuginfo-0.2.0-5.1 lhasa-debugsource-0.2.0-5.1 liblhasa0-0.2.0-5.1 liblhasa0-debuginfo-0.2.0-5.1 - SUSE Linux Enterprise Workstation Extension 12 (x86_64): lhasa-0.2.0-5.1 lhasa-debuginfo-0.2.0-5.1 lhasa-debugsource-0.2.0-5.1 liblhasa0-0.2.0-5.1 liblhasa0-debuginfo-0.2.0-5.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): lhasa-debuginfo-0.2.0-5.1 lhasa-debugsource-0.2.0-5.1 lhasa-devel-0.2.0-5.1 liblhasa0-0.2.0-5.1 liblhasa0-debuginfo-0.2.0-5.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): lhasa-debuginfo-0.2.0-5.1 lhasa-debugsource-0.2.0-5.1 lhasa-devel-0.2.0-5.1 liblhasa0-0.2.0-5.1 liblhasa0-debuginfo-0.2.0-5.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): lhasa-0.2.0-5.1 lhasa-debuginfo-0.2.0-5.1 lhasa-debugsource-0.2.0-5.1 liblhasa0-0.2.0-5.1 liblhasa0-debuginfo-0.2.0-5.1 - SUSE Linux Enterprise Desktop 12 (x86_64): lhasa-0.2.0-5.1 lhasa-debuginfo-0.2.0-5.1 lhasa-debugsource-0.2.0-5.1 liblhasa0-0.2.0-5.1 liblhasa0-debuginfo-0.2.0-5.1 References: https://www.suse.com/security/cve/CVE-2016-2347.html https://bugzilla.suse.com/973790 From sle-security-updates at lists.suse.com Tue Apr 19 07:07:59 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 19 Apr 2016 15:07:59 +0200 (CEST) Subject: SUSE-SU-2016:1100-1: moderate: Security update for cairo Message-ID: <20160419130759.6072AFF50@maintenance.suse.de> SUSE Security Update: Security update for cairo ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1100-1 Rating: moderate References: #971964 Cross-References: CVE-2016-3190 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for cairo fixes the following issues: - CVE-2016-3190: Fixed an out-of-bound read in the fill_xrgb32_lerp_opaque_spans function that might lead to a crash when processing a maliciously crafted image file (bsc#971964). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-646=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-646=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-646=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-646=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-646=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-646=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): cairo-debugsource-1.12.16-13.1 cairo-devel-1.12.16-13.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): cairo-debugsource-1.12.16-13.1 cairo-devel-1.12.16-13.1 libcairo-script-interpreter2-1.12.16-13.1 libcairo-script-interpreter2-debuginfo-1.12.16-13.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): cairo-debugsource-1.12.16-13.1 libcairo-gobject2-1.12.16-13.1 libcairo-gobject2-debuginfo-1.12.16-13.1 libcairo-script-interpreter2-1.12.16-13.1 libcairo-script-interpreter2-debuginfo-1.12.16-13.1 libcairo2-1.12.16-13.1 libcairo2-debuginfo-1.12.16-13.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libcairo-gobject2-32bit-1.12.16-13.1 libcairo-gobject2-debuginfo-32bit-1.12.16-13.1 libcairo2-32bit-1.12.16-13.1 libcairo2-debuginfo-32bit-1.12.16-13.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): cairo-debugsource-1.12.16-13.1 libcairo-gobject2-1.12.16-13.1 libcairo-gobject2-debuginfo-1.12.16-13.1 libcairo2-1.12.16-13.1 libcairo2-debuginfo-1.12.16-13.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libcairo-gobject2-32bit-1.12.16-13.1 libcairo-gobject2-debuginfo-32bit-1.12.16-13.1 libcairo2-32bit-1.12.16-13.1 libcairo2-debuginfo-32bit-1.12.16-13.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): cairo-debugsource-1.12.16-13.1 libcairo-gobject2-1.12.16-13.1 libcairo-gobject2-32bit-1.12.16-13.1 libcairo-gobject2-debuginfo-1.12.16-13.1 libcairo-gobject2-debuginfo-32bit-1.12.16-13.1 libcairo-script-interpreter2-1.12.16-13.1 libcairo-script-interpreter2-debuginfo-1.12.16-13.1 libcairo2-1.12.16-13.1 libcairo2-32bit-1.12.16-13.1 libcairo2-debuginfo-1.12.16-13.1 libcairo2-debuginfo-32bit-1.12.16-13.1 - SUSE Linux Enterprise Desktop 12 (x86_64): cairo-debugsource-1.12.16-13.1 libcairo-gobject2-1.12.16-13.1 libcairo-gobject2-32bit-1.12.16-13.1 libcairo-gobject2-debuginfo-1.12.16-13.1 libcairo-gobject2-debuginfo-32bit-1.12.16-13.1 libcairo2-1.12.16-13.1 libcairo2-32bit-1.12.16-13.1 libcairo2-debuginfo-1.12.16-13.1 libcairo2-debuginfo-32bit-1.12.16-13.1 References: https://www.suse.com/security/cve/CVE-2016-3190.html https://bugzilla.suse.com/971964 From sle-security-updates at lists.suse.com Tue Apr 19 11:07:56 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 19 Apr 2016 19:07:56 +0200 (CEST) Subject: SUSE-SU-2016:1102-1: important: Security update for the Linux Kernel Message-ID: <20160419170756.36DB6FF2E@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1102-1 Rating: important References: #758040 #904035 #912738 #915183 #924919 #933782 #937444 #940017 #940946 #942082 #947128 #948330 #949298 #951392 #951815 #952976 #953369 #954992 #955308 #955654 #955837 #955925 #956084 #956375 #956514 #956708 #956949 #957986 #957988 #957990 #958000 #958463 #958886 #958906 #958912 #958951 #959190 #959312 #959399 #959649 #959705 #961500 #961509 #961516 #961658 #962965 #963276 #963561 #963765 #963767 #964201 #964818 #966094 #966137 #966437 #966693 #967042 #967972 #967973 #967974 #967975 #968011 #968012 #968013 #969307 #969571 Cross-References: CVE-2013-7446 CVE-2015-7515 CVE-2015-7550 CVE-2015-8539 CVE-2015-8543 CVE-2015-8550 CVE-2015-8551 CVE-2015-8552 CVE-2015-8569 CVE-2015-8575 CVE-2015-8767 CVE-2015-8785 CVE-2015-8812 CVE-2016-0723 CVE-2016-2069 CVE-2016-2384 CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546 CVE-2016-2547 CVE-2016-2548 CVE-2016-2549 Affected Products: SUSE Linux Enterprise Real Time Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 23 vulnerabilities and has 43 fixes is now available. Description: The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes. Following feature was added to kernel-xen: - A improved XEN blkfront module was added, which allows more I/O bandwidth. (FATE#320200) It is called xen-blkfront in PV, and xen-vbd-upstream in HVM mode. The following security bugs were fixed: - CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654). - CVE-2015-7515: An out of bounds memory access in the aiptek USB driver could be used by physical local attackers to crash the kernel (bnc#956708). - CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel did not properly use a semaphore, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls (bnc#958951). - CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c (bnc#958463). - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886). - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988). - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990). - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190). - CVE-2015-8575: The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190 bnc#959399). - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctp_accept call (bnc#961509). - CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765). - CVE-2015-8812: A use-after-free flaw was found in the CXGB3 kernel driver when the network was considered to be congested. This could be used by local attackers to cause machine crashes or potentially code execution (bsc#966437). - CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500). - CVE-2016-2069: Race conditions in TLB syncing was fixed which could leak to information leaks (bnc#963767). - CVE-2016-2384: Removed a double free in the ALSA usb-audio driver in the umidi object which could lead to crashes (bsc#966693). - CVE-2016-2543: Added a missing NULL check at remove_events ioctl in ALSA that could lead to crashes. (bsc#967972). - CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2547, CVE-2016-2548, CVE-2016-2549: Various race conditions in ALSAs timer handling were fixed. (bsc#967975, bsc#967974, bsc#967973, bsc#968011, bsc#968012, bsc#968013). The following non-security bugs were fixed: - Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658). - alsa: hda - Add one more node in the EAPD supporting candidate list (bsc#963561). - alsa: hda - Apply clock gate workaround to Skylake, too (bsc#966137). - alsa: hda - disable dynamic clock gating on Broxton before reset (bsc#966137). - alsa: hda - Fix playback noise with 24/32 bit sample size on BXT (bsc#966137). - blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976). - blktap: refine mm tracking (bsc#952976). - block: Always check queue limits for cloned requests (bsc#933782). - block: xen-blkfront: Fix possible NULL ptr dereference (bsc#961658 fate#320200). - bnx2x: Add new device ids under the Qlogic vendor (bsc#964818). - bnx2x: Alloc 4k fragment for each rx ring buffer element (bsc#953369). - bnx2x: fix DMA API usage (bsc#953369). - driver core: Add BUS_NOTIFY_REMOVED_DEVICE event (bnc#962965). - drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#961658 fate#320200). - driver: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#961658 fate#320200). - drm/i915: Change semantics of hw_contexts_disabled (bsc#963276). - drm/i915: Evict CS TLBs between batches (bsc#758040). - drm/i915: Fix SRC_COPY width on 830/845g (bsc#758040). - e1000e: Do not read ICR in Other interrupt (bsc#924919). - e1000e: Do not write lsc to ics in msi-x mode (bsc#924919). - e1000e: Fix msi-x interrupt automask (bsc#924919). - e1000e: Remove unreachable code (bsc#924919). - ec2: Update kabi files and start tracking ec2 - ext3: fix data=journal fast mount/umount hang (bsc#942082). - ext3: NULL dereference in ext3_evict_inode() (bsc#942082). - firmware: Create directories for external firmware (bsc#959312). - firmware: Simplify directory creation (bsc#959312). - Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201). - ftdi_sio: private backport of TIOCMIWAIT (bnc#956375). - iommu/vt-d: Do not change dma domain on dma-mask change (bsc#955925). - jbd: Fix unreclaimed pages after truncate in data=journal mode (bsc#961516). - kabi/severities: Add exception for bnx2x_schedule_sp_rtnl() There is no external, 3rd party modules use the symbol and the bnx2x_schedule_sp_rtnl symbol is only used in the bnx2x driver. (bsc#953369) - kbuild: create directory for dir/file.o (bsc#959312). - llist/xen-blkfront: implement safe version of llist_for_each_entry (bsc#961658 fate#320200). - lpfc: Fix null ndlp dereference in target_reset_handler (bsc#951392). - memcg: do not hang on OOM when killed by userspace OOM access to memory reserves (bnc#969571). - mm-memcg-print-statistics-from-live-counters-fix (bnc#969307). - nfsv4: Recovery of recalled read delegations is broken (bsc#956514). - nvme: Clear BIO_SEG_VALID flag in nvme_bio_split() (bsc#954992). - nvme: default to 4k device page size (bsc#967042). - pci: leave MEM and IO decoding disabled during 64-bit BAR sizing, too (bsc#951815). - pci: Update VPD size with correct length (bsc#958906). - pl2303: fix TIOCMIWAIT (bnc#959649). - pl2303: introduce private disconnect method (bnc#959649). - qeth: initialize net_device with carrier off (bnc#958000, LTC#136514). - Refresh patches.xen/xen3-08-x86-ldt-make-modify_ldt-synchronous.patch (bsc#959705). - Refresh patches.xen/xen-vscsi-large-requests (refine fix and also address bsc#966094). - rt: v3.0-rt relevant @stable-rt patches from v3.2-rt rt111 update - s390/cio: collect format 1 channel-path description data (bnc#958000, LTC#136434). - s390/cio: ensure consistent measurement state (bnc#958000, LTC#136434). - s390/cio: fix measurement characteristics memleak (bnc#958000, LTC#136434). - s390/cio: update measurement characteristics (bnc#958000, LTC#136434). - s390/dasd: fix failfast for disconnected devices (bnc#958000, LTC#135138). - s390/sclp: Determine HSA size dynamically for zfcpdump (bnc#958000, LTC#136143). - s390/sclp: Move declarations for sclp_sdias into separate header file (bnc#958000, LTC#136143). - scsi_dh_rdac: always retry MODE SELECT on command lock violation (bsc#956949). - sunrpc: restore fair scheduling to priority queues (bsc#955308). - supported.conf: Add xen-blkfront. - tg3: 5715 does not link up when autoneg off (bsc#904035). - Update patches.fixes/mm-exclude-reserved-pages-from-dirtyable-memory-fix.patch (bnc#940017, bnc#949298, bnc#947128). - usb: ftdi_sio: fix race condition in TIOCMIWAIT, and abort of TIOCMIWAIT when the device is removed (bnc#956375). - usb: ftdi_sio: fix status line change handling for TIOCMIWAIT and TIOCGICOUNT (bnc#956375). - usb: ftdi_sio: fix tiocmget and tiocmset return values (bnc#956375). - usb: ftdi_sio: fix tiocmget indentation (bnc#956375). - usb: ftdi_sio: optimise chars_in_buffer (bnc#956375). - usb: ftdi_sio: refactor modem-control status retrieval (bnc#956375). - usb: ftdi_sio: remove unnecessary memset (bnc#956375). - usb: ftdi_sio: use ftdi_get_modem_status in chars_in_buffer (bnc#956375). - usb: ftdi_sio: use generic chars_in_buffer (bnc#956375). - usb: pl2303: clean up line-status handling (bnc#959649). - usb: pl2303: only wake up MSR queue on changes (bnc#959649). - usb: pl2303: remove bogus delta_msr_wait wake up (bnc#959649). - usb: serial: export usb_serial_generic_chars_in_buffer (bnc#956375). - usb: serial: ftdi_sio: Add missing chars_in_buffer function (bnc#956375). - vmxnet3: fix building without CONFIG_PCI_MSI (bsc#958912). - vmxnet3: fix netpoll race condition (bsc#958912). - xen/blkback: Persistent grant maps for xen blk drivers (bsc#961658 fate#320200). - xen/blkback: persistent-grants fixes (bsc#961658 fate#320200). - xen-blkfront: allow building in our Xen environment (bsc#961658 fate#320200). - xen/blk[front|back]: Enhance discard support with secure erasing support (bsc#961658 fate#320200). - xen/blk[front|back]: Squash blkif_request_rw and blkif_request_discard together (bsc#961658 fate#320200). - xen-blkfront: check for null drvdata in blkback_changed (XenbusStateClosing) (bsc#961658 fate#320200). - xen-blkfront: do not add indirect pages to list when !feature_persistent (bsc#961658 fate#320200). - xen/blkfront: do not put bdev right after getting it (bsc#961658 fate#320200). - xen-blkfront: drop the use of llist_for_each_entry_safe (bsc#961658 fate#320200). - xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#961658 fate#320200). - xen-blkfront: fix accounting of reqs when migrating (bsc#961658 fate#320200). - xen-blkfront: fix a deadlock while handling discard response (bsc#961658 fate#320200). - xen/blkfront: Fix crash if backend does not follow the right states (bsc#961658 fate#320200). - xen-blkfront: free allocated page (bsc#961658 fate#320200). - xen-blkfront: handle backend CLOSED without CLOSING (bsc#961658 fate#320200). - xen-blkfront: handle bvecs with partial data (bsc#961658 fate#320200). - xen-blkfront: Handle discard requests (bsc#961658 fate#320200). - xen-blkfront: If no barrier or flush is supported, use invalid operation (bsc#961658 fate#320200). - xen-blkfront: improve aproximation of required grants per request (bsc#961658 fate#320200). - xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#961658 fate#320200). - xen-blkfront: Introduce a 'max' module parameter to alter the amount of indirect segments (bsc#961658 fate#320200). - xen-blkfront: make blkif_io_lock spinlock per-device (bsc#961658 fate#320200). - xen-blkfront: plug device number leak in xlblk_init() error path (bsc#961658 fate#320200). - xen-blkfront: pre-allocate pages for requests (bsc#961658 fate#320200). - xen-blkfront: remove frame list from blk_shadow (bsc#961658 fate#320200). - xen/blkfront: remove redundant flush_op (bsc#961658 fate#320200). - xen-blkfront: remove type check from blkfront_setup_discard (bsc#961658 fate#320200). - xen-blkfront: restore the non-persistent data path (bsc#961658 fate#320200). - xen-blkfront: revoke foreign access for grants not mapped by the backend (bsc#961658 fate#320200). - xen-blkfront: set blk_queue_max_hw_sectors correctly (bsc#961658 fate#320200). - xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#961658 fate#320200). - xen-blkfront: switch from llist to list (bsc#961658 fate#320200). - xen-blkfront: use a different scatterlist for each request (bsc#961658 fate#320200). - xen-block: implement indirect descriptors (bsc#961658 fate#320200). - xen: consolidate and simplify struct xenbus_driver instantiation (bsc#961658 fate#320200). - xen/panic/x86: Allow cpus to save registers even if they (bnc#940946). - xen/panic/x86: Fix re-entrance problem due to panic on (bnc#937444). - xen/pvhvm: If xen_platform_pci=0 is set do not blow up (v4) (bsc#961658 fate#320200). - xen: Update Xen config files (enable upstream block frontend). - xen/x86/mm: Add barriers and document switch_mm()-vs-flush synchronization (bnc#963767). - xen: x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330). - xen: x86: mm: only do a local tlb flush in ptep_set_access_flags() (bsc#948330). - xfs: Skip dirty pages in ->releasepage (bnc#912738, bnc#915183). - zfcp: fix fc_host port_type with NPIV (bnc#958000, LTC#132479). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 11-SP4: zypper in -t patch slertesp4-kernel-201603-12516=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-201603-12516=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64): kernel-rt-3.0.101.rt130-51.1 kernel-rt-base-3.0.101.rt130-51.1 kernel-rt-devel-3.0.101.rt130-51.1 kernel-rt_trace-3.0.101.rt130-51.1 kernel-rt_trace-base-3.0.101.rt130-51.1 kernel-rt_trace-devel-3.0.101.rt130-51.1 kernel-source-rt-3.0.101.rt130-51.1 kernel-syms-rt-3.0.101.rt130-51.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64): kernel-rt-debuginfo-3.0.101.rt130-51.1 kernel-rt-debugsource-3.0.101.rt130-51.1 kernel-rt_debug-debuginfo-3.0.101.rt130-51.1 kernel-rt_debug-debugsource-3.0.101.rt130-51.1 kernel-rt_trace-debuginfo-3.0.101.rt130-51.1 kernel-rt_trace-debugsource-3.0.101.rt130-51.1 References: https://www.suse.com/security/cve/CVE-2013-7446.html https://www.suse.com/security/cve/CVE-2015-7515.html https://www.suse.com/security/cve/CVE-2015-7550.html https://www.suse.com/security/cve/CVE-2015-8539.html https://www.suse.com/security/cve/CVE-2015-8543.html https://www.suse.com/security/cve/CVE-2015-8550.html https://www.suse.com/security/cve/CVE-2015-8551.html https://www.suse.com/security/cve/CVE-2015-8552.html https://www.suse.com/security/cve/CVE-2015-8569.html https://www.suse.com/security/cve/CVE-2015-8575.html https://www.suse.com/security/cve/CVE-2015-8767.html https://www.suse.com/security/cve/CVE-2015-8785.html https://www.suse.com/security/cve/CVE-2015-8812.html https://www.suse.com/security/cve/CVE-2016-0723.html https://www.suse.com/security/cve/CVE-2016-2069.html https://www.suse.com/security/cve/CVE-2016-2384.html https://www.suse.com/security/cve/CVE-2016-2543.html https://www.suse.com/security/cve/CVE-2016-2544.html https://www.suse.com/security/cve/CVE-2016-2545.html https://www.suse.com/security/cve/CVE-2016-2546.html https://www.suse.com/security/cve/CVE-2016-2547.html https://www.suse.com/security/cve/CVE-2016-2548.html https://www.suse.com/security/cve/CVE-2016-2549.html https://bugzilla.suse.com/758040 https://bugzilla.suse.com/904035 https://bugzilla.suse.com/912738 https://bugzilla.suse.com/915183 https://bugzilla.suse.com/924919 https://bugzilla.suse.com/933782 https://bugzilla.suse.com/937444 https://bugzilla.suse.com/940017 https://bugzilla.suse.com/940946 https://bugzilla.suse.com/942082 https://bugzilla.suse.com/947128 https://bugzilla.suse.com/948330 https://bugzilla.suse.com/949298 https://bugzilla.suse.com/951392 https://bugzilla.suse.com/951815 https://bugzilla.suse.com/952976 https://bugzilla.suse.com/953369 https://bugzilla.suse.com/954992 https://bugzilla.suse.com/955308 https://bugzilla.suse.com/955654 https://bugzilla.suse.com/955837 https://bugzilla.suse.com/955925 https://bugzilla.suse.com/956084 https://bugzilla.suse.com/956375 https://bugzilla.suse.com/956514 https://bugzilla.suse.com/956708 https://bugzilla.suse.com/956949 https://bugzilla.suse.com/957986 https://bugzilla.suse.com/957988 https://bugzilla.suse.com/957990 https://bugzilla.suse.com/958000 https://bugzilla.suse.com/958463 https://bugzilla.suse.com/958886 https://bugzilla.suse.com/958906 https://bugzilla.suse.com/958912 https://bugzilla.suse.com/958951 https://bugzilla.suse.com/959190 https://bugzilla.suse.com/959312 https://bugzilla.suse.com/959399 https://bugzilla.suse.com/959649 https://bugzilla.suse.com/959705 https://bugzilla.suse.com/961500 https://bugzilla.suse.com/961509 https://bugzilla.suse.com/961516 https://bugzilla.suse.com/961658 https://bugzilla.suse.com/962965 https://bugzilla.suse.com/963276 https://bugzilla.suse.com/963561 https://bugzilla.suse.com/963765 https://bugzilla.suse.com/963767 https://bugzilla.suse.com/964201 https://bugzilla.suse.com/964818 https://bugzilla.suse.com/966094 https://bugzilla.suse.com/966137 https://bugzilla.suse.com/966437 https://bugzilla.suse.com/966693 https://bugzilla.suse.com/967042 https://bugzilla.suse.com/967972 https://bugzilla.suse.com/967973 https://bugzilla.suse.com/967974 https://bugzilla.suse.com/967975 https://bugzilla.suse.com/968011 https://bugzilla.suse.com/968012 https://bugzilla.suse.com/968013 https://bugzilla.suse.com/969307 https://bugzilla.suse.com/969571 From sle-security-updates at lists.suse.com Tue Apr 19 13:07:46 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 19 Apr 2016 21:07:46 +0200 (CEST) Subject: SUSE-SU-2016:1105-1: important: Security update for samba Message-ID: <20160419190746.76B27FF50@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1105-1 Rating: important References: #913087 #958582 #973031 #973032 Cross-References: CVE-2015-5252 CVE-2016-2110 CVE-2016-2111 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: Samba was updated to fix three security issues. These security issues were fixed: * CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bso#11688, bsc#973031). * CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bso#11749, bsc#973032). * CVE-2015-5252: Insufficient symlink verification (allowed file access outside the share) (bso#11395, bnc#958582). This non-security issue was fixed: * Allow "delete readonly = yes" to correctly override deletion of a file (bsc#913087, bso#5073) Security Issues: * CVE-2016-2110 * CVE-2016-2111 * CVE-2015-5252 Contraindications: Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64): cifs-mount-3.0.36-0.13.32.1 ldapsmb-1.34b-25.13.32.1 libmsrpc-3.0.36-0.13.32.1 libmsrpc-devel-3.0.36-0.13.32.1 libsmbclient-3.0.36-0.13.32.1 libsmbclient-devel-3.0.36-0.13.32.1 samba-3.0.36-0.13.32.1 samba-client-3.0.36-0.13.32.1 samba-krb-printing-3.0.36-0.13.32.1 samba-python-3.0.36-0.13.32.1 samba-vscan-0.3.6b-43.13.32.1 samba-winbind-3.0.36-0.13.32.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64): libsmbclient-32bit-3.0.36-0.13.32.1 samba-32bit-3.0.36-0.13.32.1 samba-client-32bit-3.0.36-0.13.32.1 samba-winbind-32bit-3.0.36-0.13.32.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (noarch): samba-doc-3.0.36-0.12.32.1 References: https://www.suse.com/security/cve/CVE-2015-5252.html https://www.suse.com/security/cve/CVE-2016-2110.html https://www.suse.com/security/cve/CVE-2016-2111.html https://bugzilla.suse.com/913087 https://bugzilla.suse.com/958582 https://bugzilla.suse.com/973031 https://bugzilla.suse.com/973032 https://download.suse.com/patch/finder/?keywords=7a8b86525db490aaf0868ada97807c68 From sle-security-updates at lists.suse.com Mon Apr 25 05:08:12 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 25 Apr 2016 13:08:12 +0200 (CEST) Subject: SUSE-SU-2016:1138-1: important: Security update for yast2-users Message-ID: <20160425110812.BE9B5FF50@maintenance.suse.de> SUSE Security Update: Security update for yast2-users ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1138-1 Rating: important References: #971804 #973639 #974220 Cross-References: CVE-2016-1601 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: yast2-users was updated to fix one security issue. This security issue was fixed: - CVE-2016-1601: Empty passwords fields in /etc/shadow after SLES 12 SP1 autoyast installation (bsc#974220). This update includes a script that fixes installations that we're affected by this problem. It is run automatically upon installing the update. This non-security issue was fixed: - bsc#971804: Set root password correctly when using a minimal profile Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-669=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-669=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-669=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): yast2-users-debuginfo-3.1.41.3-9.1 yast2-users-debugsource-3.1.41.3-9.1 yast2-users-devel-doc-3.1.41.3-9.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): yast2-users-3.1.41.3-9.1 yast2-users-debuginfo-3.1.41.3-9.1 yast2-users-debugsource-3.1.41.3-9.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): yast2-users-3.1.41.3-9.1 yast2-users-debuginfo-3.1.41.3-9.1 yast2-users-debugsource-3.1.41.3-9.1 References: https://www.suse.com/security/cve/CVE-2016-1601.html https://bugzilla.suse.com/971804 https://bugzilla.suse.com/973639 https://bugzilla.suse.com/974220 From sle-security-updates at lists.suse.com Mon Apr 25 05:09:05 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 25 Apr 2016 13:09:05 +0200 (CEST) Subject: SUSE-SU-2016:1139-1: moderate: Security update for giflib Message-ID: <20160425110905.88D21FF3D@maintenance.suse.de> SUSE Security Update: Security update for giflib ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1139-1 Rating: moderate References: #974847 Cross-References: CVE-2016-3977 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: giflib was updated to fix one security issue. This security issue was fixed: - CVE-2016-3977: Heap buffer overflow in gif2rgb (bsc#974847). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-giflib-12526=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-giflib-12526=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-giflib-12526=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): giflib-devel-4.1.6-21.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): giflib-devel-32bit-4.1.6-21.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): giflib-4.1.6-21.1 giflib-progs-4.1.6-21.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): giflib-32bit-4.1.6-21.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): giflib-x86-4.1.6-21.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): giflib-debuginfo-4.1.6-21.1 giflib-debugsource-4.1.6-21.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): giflib-debuginfo-32bit-4.1.6-21.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): giflib-debuginfo-x86-4.1.6-21.1 References: https://www.suse.com/security/cve/CVE-2016-3977.html https://bugzilla.suse.com/974847 From sle-security-updates at lists.suse.com Mon Apr 25 05:09:27 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 25 Apr 2016 13:09:27 +0200 (CEST) Subject: SUSE-SU-2016:1140-1: moderate: Security update for giflib Message-ID: <20160425110927.D6183FF3D@maintenance.suse.de> SUSE Security Update: Security update for giflib ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1140-1 Rating: moderate References: #974847 Cross-References: CVE-2016-3977 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: giflib was updated to fix one security issue. This security issue was fixed: - CVE-2016-3977: Heap buffer overflow in gif2rgb (bsc#974847). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-667=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-667=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-667=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-667=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-667=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-667=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): giflib-debugsource-5.0.5-12.1 giflib-devel-5.0.5-12.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): giflib-debugsource-5.0.5-12.1 giflib-devel-5.0.5-12.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): giflib-debugsource-5.0.5-12.1 giflib-progs-5.0.5-12.1 giflib-progs-debuginfo-5.0.5-12.1 libgif6-5.0.5-12.1 libgif6-debuginfo-5.0.5-12.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libgif6-32bit-5.0.5-12.1 libgif6-debuginfo-32bit-5.0.5-12.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): giflib-debugsource-5.0.5-12.1 giflib-progs-5.0.5-12.1 giflib-progs-debuginfo-5.0.5-12.1 libgif6-5.0.5-12.1 libgif6-debuginfo-5.0.5-12.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libgif6-32bit-5.0.5-12.1 libgif6-debuginfo-32bit-5.0.5-12.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): giflib-debugsource-5.0.5-12.1 libgif6-32bit-5.0.5-12.1 libgif6-5.0.5-12.1 libgif6-debuginfo-32bit-5.0.5-12.1 libgif6-debuginfo-5.0.5-12.1 - SUSE Linux Enterprise Desktop 12 (x86_64): giflib-debugsource-5.0.5-12.1 libgif6-32bit-5.0.5-12.1 libgif6-5.0.5-12.1 libgif6-debuginfo-32bit-5.0.5-12.1 libgif6-debuginfo-5.0.5-12.1 References: https://www.suse.com/security/cve/CVE-2016-3977.html https://bugzilla.suse.com/974847 From sle-security-updates at lists.suse.com Mon Apr 25 11:08:06 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 25 Apr 2016 19:08:06 +0200 (CEST) Subject: SUSE-SU-2016:1145-1: important: Security update for php53 Message-ID: <20160425170806.BA072FF2E@maintenance.suse.de> SUSE Security Update: Security update for php53 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1145-1 Rating: important References: #949961 #968284 #969821 #971611 #971612 #971912 #973351 #973792 Cross-References: CVE-2014-9767 CVE-2015-7803 CVE-2015-8835 CVE-2015-8838 CVE-2016-2554 CVE-2016-3141 CVE-2016-3142 CVE-2016-3185 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for php53 fixes the following issues: - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792). - CVE-2015-8835: SoapClient s_call method suffered from a type confusion issue that could have lead to crashes [bsc#973351] - CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could lead to crashes. [bsc#968284] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2015-7803: A Stack overflow vulnerability when decompressing tar phar archives could potentially lead to code execution. [bsc#949961] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2016-3141: A use-after-free / double-free in the WDDX deserialization could lead to crashes or potential code execution. [bsc#969821] - CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2014-9767: A directory traversal when extracting zip files was fixed that could lead to overwritten files. [bsc#971612] - CVE-2016-3185: A type confusion vulnerability in make_http_soap_request() could lead to crashes or potentially code execution. [bsc#971611] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-php53-12527=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-php53-12527=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-php53-12527=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): php53-devel-5.3.17-59.1 php53-imap-5.3.17-59.1 php53-posix-5.3.17-59.1 php53-readline-5.3.17-59.1 php53-sockets-5.3.17-59.1 php53-sqlite-5.3.17-59.1 php53-tidy-5.3.17-59.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): apache2-mod_php53-5.3.17-59.1 php53-5.3.17-59.1 php53-bcmath-5.3.17-59.1 php53-bz2-5.3.17-59.1 php53-calendar-5.3.17-59.1 php53-ctype-5.3.17-59.1 php53-curl-5.3.17-59.1 php53-dba-5.3.17-59.1 php53-dom-5.3.17-59.1 php53-exif-5.3.17-59.1 php53-fastcgi-5.3.17-59.1 php53-fileinfo-5.3.17-59.1 php53-ftp-5.3.17-59.1 php53-gd-5.3.17-59.1 php53-gettext-5.3.17-59.1 php53-gmp-5.3.17-59.1 php53-iconv-5.3.17-59.1 php53-intl-5.3.17-59.1 php53-json-5.3.17-59.1 php53-ldap-5.3.17-59.1 php53-mbstring-5.3.17-59.1 php53-mcrypt-5.3.17-59.1 php53-mysql-5.3.17-59.1 php53-odbc-5.3.17-59.1 php53-openssl-5.3.17-59.1 php53-pcntl-5.3.17-59.1 php53-pdo-5.3.17-59.1 php53-pear-5.3.17-59.1 php53-pgsql-5.3.17-59.1 php53-pspell-5.3.17-59.1 php53-shmop-5.3.17-59.1 php53-snmp-5.3.17-59.1 php53-soap-5.3.17-59.1 php53-suhosin-5.3.17-59.1 php53-sysvmsg-5.3.17-59.1 php53-sysvsem-5.3.17-59.1 php53-sysvshm-5.3.17-59.1 php53-tokenizer-5.3.17-59.1 php53-wddx-5.3.17-59.1 php53-xmlreader-5.3.17-59.1 php53-xmlrpc-5.3.17-59.1 php53-xmlwriter-5.3.17-59.1 php53-xsl-5.3.17-59.1 php53-zip-5.3.17-59.1 php53-zlib-5.3.17-59.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): php53-debuginfo-5.3.17-59.1 php53-debugsource-5.3.17-59.1 References: https://www.suse.com/security/cve/CVE-2014-9767.html https://www.suse.com/security/cve/CVE-2015-7803.html https://www.suse.com/security/cve/CVE-2015-8835.html https://www.suse.com/security/cve/CVE-2015-8838.html https://www.suse.com/security/cve/CVE-2016-2554.html https://www.suse.com/security/cve/CVE-2016-3141.html https://www.suse.com/security/cve/CVE-2016-3142.html https://www.suse.com/security/cve/CVE-2016-3185.html https://bugzilla.suse.com/949961 https://bugzilla.suse.com/968284 https://bugzilla.suse.com/969821 https://bugzilla.suse.com/971611 https://bugzilla.suse.com/971612 https://bugzilla.suse.com/971912 https://bugzilla.suse.com/973351 https://bugzilla.suse.com/973792 From sle-security-updates at lists.suse.com Mon Apr 25 12:07:54 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 25 Apr 2016 20:07:54 +0200 (CEST) Subject: SUSE-SU-2016:1146-1: important: Security update for portus Message-ID: <20160425180754.5AAE6FF50@maintenance.suse.de> SUSE Security Update: Security update for portus ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1146-1 Rating: important References: #963326 #963327 #963328 #963563 #963604 #963608 #963617 #963625 #963627 #969943 Cross-References: CVE-2015-7576 CVE-2015-7577 CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 CVE-2015-7581 CVE-2016-0751 CVE-2016-0752 CVE-2016-0753 CVE-2016-2098 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: Portus was updated to version 2.0.3, which brings several fixes and enhancements: - Fixed crono job when a repository could not be found. - Fixed compatibility issues with Docker 1.10 and Distribution 2.3. - Handle multiple scopes in token requests. - Add optional fields to token response. - Fixed notification events for Distribution v2.3. - Paginate through the catalog properly. - Do not remove all the repositories if fetching one fails. - Fixed SMTP setup. - Don't let crono overflow the 'log' column on the DB. - Show the actual LDAP error on invalid login. - Fixed the location of crono logs. - Always use relative paths. - Set RUBYLIB when using portusctl. - Don't count hidden teams on the admin panel. - Warn developers on unsupported docker-compose versions. - Directly invalidate LDAP logins without name and password. - Don't show the "I forgot my password" link on LDAP. The following Rubygems bundled within Portus have been updated to fix security issues: - CVE-2016-2098: rubygem-actionpack (bsc#969943). - CVE-2015-7578: rails-html-sanitizer (bsc#963326). - CVE-2015-7579: rails-html-sanitizer (bsc#963327). - CVE-2015-7580: rails-html-sanitizer (bsc#963328). - CVE-2015-7576: rubygem-actionpack, rubygem-activesupport (bsc#963563). - CVE-2015-7577: rubygem-activerecord (bsc#963604). - CVE-2016-0751: rugygem-actionpack (bsc#963627). - CVE-2016-0752: rubygem-actionpack, rubygem-actionview (bsc#963608). - CVE-2016-0753: rubygem-activemodel, rubygem-activesupport, rubygem-activerecord (bsc#963617). - CVE-2015-7581: rubygem-actionpack (bsc#963625). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2016-672=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (x86_64): portus-2.0.3-2.4 portus-debuginfo-2.0.3-2.4 portus-debugsource-2.0.3-2.4 References: https://www.suse.com/security/cve/CVE-2015-7576.html https://www.suse.com/security/cve/CVE-2015-7577.html https://www.suse.com/security/cve/CVE-2015-7578.html https://www.suse.com/security/cve/CVE-2015-7579.html https://www.suse.com/security/cve/CVE-2015-7580.html https://www.suse.com/security/cve/CVE-2015-7581.html https://www.suse.com/security/cve/CVE-2016-0751.html https://www.suse.com/security/cve/CVE-2016-0752.html https://www.suse.com/security/cve/CVE-2016-0753.html https://www.suse.com/security/cve/CVE-2016-2098.html https://bugzilla.suse.com/963326 https://bugzilla.suse.com/963327 https://bugzilla.suse.com/963328 https://bugzilla.suse.com/963563 https://bugzilla.suse.com/963604 https://bugzilla.suse.com/963608 https://bugzilla.suse.com/963617 https://bugzilla.suse.com/963625 https://bugzilla.suse.com/963627 https://bugzilla.suse.com/969943 From sle-security-updates at lists.suse.com Mon Apr 25 13:08:31 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 25 Apr 2016 21:08:31 +0200 (CEST) Subject: SUSE-SU-2016:1149-1: moderate: Security update for freetype2 Message-ID: <20160425190831.5DBA5FEBC@maintenance.suse.de> SUSE Security Update: Security update for freetype2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1149-1 Rating: moderate References: #945849 #947966 Cross-References: CVE-2014-9745 CVE-2014-9747 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update of the freetype2 library fixes two security issues: - An infinite loop in parse_encoding in t1load.c (CVE-2014-9745, bsc#945849) - Use of uninitialized memory in ps_parser_load_field, t42_parse_font_matrix and t1_parse_font_matrix (CVE-2014-9747, bsc#947966) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-freetype2-12528=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-freetype2-12528=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-freetype2-12528=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): freetype2-devel-2.3.7-25.41.4 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): freetype2-devel-32bit-2.3.7-25.41.4 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): freetype2-2.3.7-25.41.4 ft2demos-2.3.7-25.41.4 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): freetype2-32bit-2.3.7-25.41.4 - SUSE Linux Enterprise Server 11-SP4 (ia64): freetype2-x86-2.3.7-25.41.4 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): freetype2-debuginfo-2.3.7-25.41.4 freetype2-debugsource-2.3.7-25.41.4 ft2demos-debuginfo-2.3.7-25.41.4 ft2demos-debugsource-2.3.7-25.41.4 References: https://www.suse.com/security/cve/CVE-2014-9745.html https://www.suse.com/security/cve/CVE-2014-9747.html https://bugzilla.suse.com/945849 https://bugzilla.suse.com/947966 From sle-security-updates at lists.suse.com Tue Apr 26 08:08:06 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 26 Apr 2016 16:08:06 +0200 (CEST) Subject: SUSE-SU-2016:1154-1: important: Security update for xen Message-ID: <20160426140806.70054FF4D@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1154-1 Rating: important References: #864391 #864655 #864769 #864805 #864811 #877642 #897654 #901508 #902737 #945989 #957162 #957988 #958007 #958009 #958491 #958523 #959005 #960707 #960725 #960861 #960862 #961691 #963782 #965315 #965317 #967013 #967630 #969350 Cross-References: CVE-2013-4533 CVE-2013-4534 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2014-0222 CVE-2014-3640 CVE-2014-3689 CVE-2014-7815 CVE-2015-5278 CVE-2015-7512 CVE-2015-8504 CVE-2015-8550 CVE-2015-8554 CVE-2015-8555 CVE-2015-8558 CVE-2015-8743 CVE-2015-8745 CVE-2016-1570 CVE-2016-1571 CVE-2016-1714 CVE-2016-1981 CVE-2016-2270 CVE-2016-2271 CVE-2016-2391 CVE-2016-2841 Affected Products: SUSE Linux Enterprise Server 11-SP2-LTSS ______________________________________________________________________________ An update that solves 26 vulnerabilities and has two fixes is now available. Description: xen was updated to fix 27 security issues. These security issues were fixed: - CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image (bsc#864655). - CVE-2013-4534: Buffer overflow in hw/intc/openpic.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements (bsc#864811). - CVE-2013-4537: The ssi_sd_transfer function in hw/sd/ssi-sd.c allowed remote attackers to execute arbitrary code via a crafted arglen value in a savevm image (bsc#864391). - CVE-2013-4538: Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c allowed remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image (bsc#864769). - CVE-2013-4539: Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c might have allowed remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image (bsc#864805). - CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642). - CVE-2014-3640: The sosendto function in slirp/udp.c allowed local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket (bsc#897654). - CVE-2014-3689: The vmware-vga driver (hw/display/vmware_vga.c) allowed local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling (bsc#901508). - CVE-2014-7815: The set_pixel_format function in ui/vnc.c allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value (bsc#902737). - CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989). - CVE-2015-7512: Buffer overflow in the pcnet_receive function in hw/net/pcnet.c, when a guest NIC has a larger MTU, allowed remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet (bsc#957162). - CVE-2015-8504: VNC: floating point exception (bsc#958491). - CVE-2015-8550: Paravirtualized drivers were incautious about shared memory contents (XSA-155) (bsc#957988). - CVE-2015-8554: qemu-dm buffer overrun in MSI-X handling (XSA-164) (bsc#958007). - CVE-2015-8555: Information leak in legacy x86 FPU/XMM initialization (XSA-165) (bsc#958009). - CVE-2015-8558: Infinite loop in ehci_advance_state resulted in DoS (bsc#959005). - CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bsc#960725). - CVE-2015-8745: Reading IMR registers lead to a crash via assert(2) call (bsc#960707). - CVE-2016-1570: The PV superpage functionality in arch/x86/mm.c allowed local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates (bsc#960861). - CVE-2016-1571: VMX: intercept issue with INVLPG on non-canonical address (XSA-168) (bsc#960862). - CVE-2016-1714: nvram: OOB r/w access in processing firmware configurations (bsc#961691). - CVE-2016-1981: e1000 infinite loop in start_xmit and e1000_receive_iov routines (bsc#963782). - CVE-2016-2270: Xen allowed local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings (bsc#965315). - CVE-2016-2271: VMX when using an Intel or Cyrix CPU, allowed local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP (bsc#965317). - CVE-2016-2391: usb: multiple eof_timers in ohci module lead to NULL pointer dereference (bsc#967013). - CVE-2016-2841: ne2000: Infinite loop in ne2000_receive (bsc#969350). - XSA-166: ioreq handling possibly susceptible to multiple read issue (bsc#958523). This non-security issue was fixed: - bsc#967630: Discrepancy in reported memory size with correction XSA-153 for xend Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-xen-12530=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 x86_64): xen-devel-4.1.6_08-26.1 xen-kmp-default-4.1.6_08_3.0.101_0.7.37-26.1 xen-kmp-trace-4.1.6_08_3.0.101_0.7.37-26.1 xen-libs-4.1.6_08-26.1 xen-tools-domU-4.1.6_08-26.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (x86_64): xen-4.1.6_08-26.1 xen-doc-html-4.1.6_08-26.1 xen-doc-pdf-4.1.6_08-26.1 xen-libs-32bit-4.1.6_08-26.1 xen-tools-4.1.6_08-26.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (i586): xen-kmp-pae-4.1.6_08_3.0.101_0.7.37-26.1 References: https://www.suse.com/security/cve/CVE-2013-4533.html https://www.suse.com/security/cve/CVE-2013-4534.html https://www.suse.com/security/cve/CVE-2013-4537.html https://www.suse.com/security/cve/CVE-2013-4538.html https://www.suse.com/security/cve/CVE-2013-4539.html https://www.suse.com/security/cve/CVE-2014-0222.html https://www.suse.com/security/cve/CVE-2014-3640.html https://www.suse.com/security/cve/CVE-2014-3689.html https://www.suse.com/security/cve/CVE-2014-7815.html https://www.suse.com/security/cve/CVE-2015-5278.html https://www.suse.com/security/cve/CVE-2015-7512.html https://www.suse.com/security/cve/CVE-2015-8504.html https://www.suse.com/security/cve/CVE-2015-8550.html https://www.suse.com/security/cve/CVE-2015-8554.html https://www.suse.com/security/cve/CVE-2015-8555.html https://www.suse.com/security/cve/CVE-2015-8558.html https://www.suse.com/security/cve/CVE-2015-8743.html https://www.suse.com/security/cve/CVE-2015-8745.html https://www.suse.com/security/cve/CVE-2016-1570.html https://www.suse.com/security/cve/CVE-2016-1571.html https://www.suse.com/security/cve/CVE-2016-1714.html https://www.suse.com/security/cve/CVE-2016-1981.html https://www.suse.com/security/cve/CVE-2016-2270.html https://www.suse.com/security/cve/CVE-2016-2271.html https://www.suse.com/security/cve/CVE-2016-2391.html https://www.suse.com/security/cve/CVE-2016-2841.html https://bugzilla.suse.com/864391 https://bugzilla.suse.com/864655 https://bugzilla.suse.com/864769 https://bugzilla.suse.com/864805 https://bugzilla.suse.com/864811 https://bugzilla.suse.com/877642 https://bugzilla.suse.com/897654 https://bugzilla.suse.com/901508 https://bugzilla.suse.com/902737 https://bugzilla.suse.com/945989 https://bugzilla.suse.com/957162 https://bugzilla.suse.com/957988 https://bugzilla.suse.com/958007 https://bugzilla.suse.com/958009 https://bugzilla.suse.com/958491 https://bugzilla.suse.com/958523 https://bugzilla.suse.com/959005 https://bugzilla.suse.com/960707 https://bugzilla.suse.com/960725 https://bugzilla.suse.com/960861 https://bugzilla.suse.com/960862 https://bugzilla.suse.com/961691 https://bugzilla.suse.com/963782 https://bugzilla.suse.com/965315 https://bugzilla.suse.com/965317 https://bugzilla.suse.com/967013 https://bugzilla.suse.com/967630 https://bugzilla.suse.com/969350 From sle-security-updates at lists.suse.com Tue Apr 26 10:08:08 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 26 Apr 2016 18:08:08 +0200 (CEST) Subject: SUSE-SU-2016:1159-1: moderate: Security update for docker Message-ID: <20160426160808.C3937FF4D@maintenance.suse.de> SUSE Security Update: Security update for docker ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1159-1 Rating: moderate References: #976777 Cross-References: CVE-2016-3697 Affected Products: SUSE OpenStack Cloud 6 SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: docker was updated to fix one security issue. This security issue was fixed: - CVE-2016-3697: Potential privilege escalation via confusion of usernames and UIDs (bsc#976777). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2016-682=1 - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2016-682=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (x86_64): docker-1.10.3-66.1 docker-debuginfo-1.10.3-66.1 docker-debugsource-1.10.3-66.1 - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): docker-1.10.3-66.1 docker-debuginfo-1.10.3-66.1 docker-debugsource-1.10.3-66.1 References: https://www.suse.com/security/cve/CVE-2016-3697.html https://bugzilla.suse.com/976777 From sle-security-updates at lists.suse.com Wed Apr 27 12:08:02 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 27 Apr 2016 20:08:02 +0200 (CEST) Subject: SUSE-SU-2016:1166-1: important: Security update for php5 Message-ID: <20160427180802.1E113FF4D@maintenance.suse.de> SUSE Security Update: Security update for php5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1166-1 Rating: important References: #968284 #969821 #971611 #971612 #971912 #973351 #973792 Cross-References: CVE-2014-9767 CVE-2015-8835 CVE-2015-8838 CVE-2016-2554 CVE-2016-3141 CVE-2016-3142 CVE-2016-3185 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Module for Web Scripting 12 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for php5 fixes the following security issues: - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792). - CVE-2015-8835: SoapClient s_call method suffered from a type confusion issue that could have lead to crashes [bsc#973351] - CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could lead to crashes. [bsc#968284] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2016-3141: A use-after-free / double-free in the WDDX deserialization could lead to crashes or potential code execution. [bsc#969821] - CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2014-9767: A directory traversal when extracting zip files was fixed that could lead to overwritten files. [bsc#971612] - CVE-2016-3185: A type confusion vulnerability in make_http_soap_request() could lead to crashes or potentially code execution. [bsc#971611] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-688=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-688=1 - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2016-688=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): php5-debuginfo-5.5.14-53.1 php5-debugsource-5.5.14-53.1 php5-devel-5.5.14-53.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): php5-debuginfo-5.5.14-53.1 php5-debugsource-5.5.14-53.1 php5-devel-5.5.14-53.1 - SUSE Linux Enterprise Module for Web Scripting 12 (ppc64le s390x x86_64): apache2-mod_php5-5.5.14-53.1 apache2-mod_php5-debuginfo-5.5.14-53.1 php5-5.5.14-53.1 php5-bcmath-5.5.14-53.1 php5-bcmath-debuginfo-5.5.14-53.1 php5-bz2-5.5.14-53.1 php5-bz2-debuginfo-5.5.14-53.1 php5-calendar-5.5.14-53.1 php5-calendar-debuginfo-5.5.14-53.1 php5-ctype-5.5.14-53.1 php5-ctype-debuginfo-5.5.14-53.1 php5-curl-5.5.14-53.1 php5-curl-debuginfo-5.5.14-53.1 php5-dba-5.5.14-53.1 php5-dba-debuginfo-5.5.14-53.1 php5-debuginfo-5.5.14-53.1 php5-debugsource-5.5.14-53.1 php5-dom-5.5.14-53.1 php5-dom-debuginfo-5.5.14-53.1 php5-enchant-5.5.14-53.1 php5-enchant-debuginfo-5.5.14-53.1 php5-exif-5.5.14-53.1 php5-exif-debuginfo-5.5.14-53.1 php5-fastcgi-5.5.14-53.1 php5-fastcgi-debuginfo-5.5.14-53.1 php5-fileinfo-5.5.14-53.1 php5-fileinfo-debuginfo-5.5.14-53.1 php5-fpm-5.5.14-53.1 php5-fpm-debuginfo-5.5.14-53.1 php5-ftp-5.5.14-53.1 php5-ftp-debuginfo-5.5.14-53.1 php5-gd-5.5.14-53.1 php5-gd-debuginfo-5.5.14-53.1 php5-gettext-5.5.14-53.1 php5-gettext-debuginfo-5.5.14-53.1 php5-gmp-5.5.14-53.1 php5-gmp-debuginfo-5.5.14-53.1 php5-iconv-5.5.14-53.1 php5-iconv-debuginfo-5.5.14-53.1 php5-intl-5.5.14-53.1 php5-intl-debuginfo-5.5.14-53.1 php5-json-5.5.14-53.1 php5-json-debuginfo-5.5.14-53.1 php5-ldap-5.5.14-53.1 php5-ldap-debuginfo-5.5.14-53.1 php5-mbstring-5.5.14-53.1 php5-mbstring-debuginfo-5.5.14-53.1 php5-mcrypt-5.5.14-53.1 php5-mcrypt-debuginfo-5.5.14-53.1 php5-mysql-5.5.14-53.1 php5-mysql-debuginfo-5.5.14-53.1 php5-odbc-5.5.14-53.1 php5-odbc-debuginfo-5.5.14-53.1 php5-opcache-5.5.14-53.1 php5-opcache-debuginfo-5.5.14-53.1 php5-openssl-5.5.14-53.1 php5-openssl-debuginfo-5.5.14-53.1 php5-pcntl-5.5.14-53.1 php5-pcntl-debuginfo-5.5.14-53.1 php5-pdo-5.5.14-53.1 php5-pdo-debuginfo-5.5.14-53.1 php5-pgsql-5.5.14-53.1 php5-pgsql-debuginfo-5.5.14-53.1 php5-posix-5.5.14-53.1 php5-posix-debuginfo-5.5.14-53.1 php5-pspell-5.5.14-53.1 php5-pspell-debuginfo-5.5.14-53.1 php5-shmop-5.5.14-53.1 php5-shmop-debuginfo-5.5.14-53.1 php5-snmp-5.5.14-53.1 php5-snmp-debuginfo-5.5.14-53.1 php5-soap-5.5.14-53.1 php5-soap-debuginfo-5.5.14-53.1 php5-sockets-5.5.14-53.1 php5-sockets-debuginfo-5.5.14-53.1 php5-sqlite-5.5.14-53.1 php5-sqlite-debuginfo-5.5.14-53.1 php5-suhosin-5.5.14-53.1 php5-suhosin-debuginfo-5.5.14-53.1 php5-sysvmsg-5.5.14-53.1 php5-sysvmsg-debuginfo-5.5.14-53.1 php5-sysvsem-5.5.14-53.1 php5-sysvsem-debuginfo-5.5.14-53.1 php5-sysvshm-5.5.14-53.1 php5-sysvshm-debuginfo-5.5.14-53.1 php5-tokenizer-5.5.14-53.1 php5-tokenizer-debuginfo-5.5.14-53.1 php5-wddx-5.5.14-53.1 php5-wddx-debuginfo-5.5.14-53.1 php5-xmlreader-5.5.14-53.1 php5-xmlreader-debuginfo-5.5.14-53.1 php5-xmlrpc-5.5.14-53.1 php5-xmlrpc-debuginfo-5.5.14-53.1 php5-xmlwriter-5.5.14-53.1 php5-xmlwriter-debuginfo-5.5.14-53.1 php5-xsl-5.5.14-53.1 php5-xsl-debuginfo-5.5.14-53.1 php5-zip-5.5.14-53.1 php5-zip-debuginfo-5.5.14-53.1 php5-zlib-5.5.14-53.1 php5-zlib-debuginfo-5.5.14-53.1 - SUSE Linux Enterprise Module for Web Scripting 12 (noarch): php5-pear-5.5.14-53.1 References: https://www.suse.com/security/cve/CVE-2014-9767.html https://www.suse.com/security/cve/CVE-2015-8835.html https://www.suse.com/security/cve/CVE-2015-8838.html https://www.suse.com/security/cve/CVE-2016-2554.html https://www.suse.com/security/cve/CVE-2016-3141.html https://www.suse.com/security/cve/CVE-2016-3142.html https://www.suse.com/security/cve/CVE-2016-3185.html https://bugzilla.suse.com/968284 https://bugzilla.suse.com/969821 https://bugzilla.suse.com/971611 https://bugzilla.suse.com/971612 https://bugzilla.suse.com/971912 https://bugzilla.suse.com/973351 https://bugzilla.suse.com/973792 From sle-security-updates at lists.suse.com Thu Apr 28 11:09:34 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 28 Apr 2016 19:09:34 +0200 (CEST) Subject: SUSE-SU-2016:1175-1: important: Security update for ntp Message-ID: <20160428170934.25BE3FEBC@maintenance.suse.de> SUSE Security Update: Security update for ntp ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1175-1 Rating: important References: #782060 #784760 #916617 #951559 #951629 #956773 #962318 #962784 #962802 #962960 #962966 #962970 #962988 #962994 #962995 #962997 #963000 #963002 #975496 #975981 Cross-References: CVE-2015-5300 CVE-2015-7973 CVE-2015-7974 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8138 CVE-2015-8139 CVE-2015-8140 CVE-2015-8158 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 12 vulnerabilities and has 8 fixes is now available. Description: ntp was updated to version 4.2.8p6 to fix 12 security issues. These security issues were fixed: - CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966). - CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002). - CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784). - CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000). - CVE-2015-7977: reslist NULL pointer dereference (bsc#962970). - CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802). - CVE-2015-7975: nextvar() missing length check (bsc#962988). - CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960). - CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995). - CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994). - CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997). - CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629). These non-security issues were fixed: - fate#320758 bsc#975981: Enable compile-time support for MS-SNTP (--enable-ntp-signd). This replaces the w32 patches in 4.2.4 that added the authreg directive. - bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd. When run as cron job, /usr/sbin/ is not in the path, which caused the synchronization to fail. - bsc#782060: Speedup ntpq. - bsc#916617: Add /var/db/ntp-kod. - bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems. - bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST. - Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted. - bsc#784760: Remove local clock from default configuration Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ntp-12533=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ntp-12533=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ntp-4.2.8p6-8.2 ntp-doc-4.2.8p6-8.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ntp-debuginfo-4.2.8p6-8.2 ntp-debugsource-4.2.8p6-8.2 References: https://www.suse.com/security/cve/CVE-2015-5300.html https://www.suse.com/security/cve/CVE-2015-7973.html https://www.suse.com/security/cve/CVE-2015-7974.html https://www.suse.com/security/cve/CVE-2015-7975.html https://www.suse.com/security/cve/CVE-2015-7976.html https://www.suse.com/security/cve/CVE-2015-7977.html https://www.suse.com/security/cve/CVE-2015-7978.html https://www.suse.com/security/cve/CVE-2015-7979.html https://www.suse.com/security/cve/CVE-2015-8138.html https://www.suse.com/security/cve/CVE-2015-8139.html https://www.suse.com/security/cve/CVE-2015-8140.html https://www.suse.com/security/cve/CVE-2015-8158.html https://bugzilla.suse.com/782060 https://bugzilla.suse.com/784760 https://bugzilla.suse.com/916617 https://bugzilla.suse.com/951559 https://bugzilla.suse.com/951629 https://bugzilla.suse.com/956773 https://bugzilla.suse.com/962318 https://bugzilla.suse.com/962784 https://bugzilla.suse.com/962802 https://bugzilla.suse.com/962960 https://bugzilla.suse.com/962966 https://bugzilla.suse.com/962970 https://bugzilla.suse.com/962988 https://bugzilla.suse.com/962994 https://bugzilla.suse.com/962995 https://bugzilla.suse.com/962997 https://bugzilla.suse.com/963000 https://bugzilla.suse.com/963002 https://bugzilla.suse.com/975496 https://bugzilla.suse.com/975981 From sle-security-updates at lists.suse.com Thu Apr 28 11:13:09 2016 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 28 Apr 2016 19:13:09 +0200 (CEST) Subject: SUSE-SU-2016:1177-1: important: Security update for ntp Message-ID: <20160428171309.0B074FEBC@maintenance.suse.de> SUSE Security Update: Security update for ntp ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1177-1 Rating: important References: #782060 #916617 #937837 #951559 #951629 #956773 #962318 #962784 #962802 #962960 #962966 #962970 #962988 #962994 #962995 #962997 #963000 #963002 #975496 #975981 Cross-References: CVE-2015-5300 CVE-2015-7973 CVE-2015-7974 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8138 CVE-2015-8139 CVE-2015-8140 CVE-2015-8158 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves 12 vulnerabilities and has 8 fixes is now available. Description: ntp was updated to version 4.2.8p6 to fix 12 security issues. Also yast2-ntp-client was updated to match some sntp syntax changes. (bsc#937837) These security issues were fixed: - CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966). - CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002). - CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784). - CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000). - CVE-2015-7977: reslist NULL pointer dereference (bsc#962970). - CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802). - CVE-2015-7975: nextvar() missing length check (bsc#962988). - CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960). - CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995). - CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994). - CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997). - CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629). These non-security issues were fixed: - fate#320758 bsc#975981: Enable compile-time support for MS-SNTP (--enable-ntp-signd). This replaces the w32 patches in 4.2.4 that added the authreg directive. - bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd. When run as cron job, /usr/sbin/ is not in the path, which caused the synchronization to fail. - bsc#782060: Speedup ntpq. - bsc#916617: Add /var/db/ntp-kod. - bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems. - bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST. - Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-694=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-694=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-694=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): yast2-ntp-client-devel-doc-3.1.22-6.2 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): ntp-4.2.8p6-8.2 ntp-debuginfo-4.2.8p6-8.2 ntp-debugsource-4.2.8p6-8.2 ntp-doc-4.2.8p6-8.2 - SUSE Linux Enterprise Server 12-SP1 (noarch): yast2-ntp-client-3.1.22-6.2 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): ntp-4.2.8p6-8.2 ntp-debuginfo-4.2.8p6-8.2 ntp-debugsource-4.2.8p6-8.2 ntp-doc-4.2.8p6-8.2 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): yast2-ntp-client-3.1.22-6.2 References: https://www.suse.com/security/cve/CVE-2015-5300.html https://www.suse.com/security/cve/CVE-2015-7973.html https://www.suse.com/security/cve/CVE-2015-7974.html https://www.suse.com/security/cve/CVE-2015-7975.html https://www.suse.com/security/cve/CVE-2015-7976.html https://www.suse.com/security/cve/CVE-2015-7977.html https://www.suse.com/security/cve/CVE-2015-7978.html https://www.suse.com/security/cve/CVE-2015-7979.html https://www.suse.com/security/cve/CVE-2015-8138.html https://www.suse.com/security/cve/CVE-2015-8139.html https://www.suse.com/security/cve/CVE-2015-8140.html https://www.suse.com/security/cve/CVE-2015-8158.html https://bugzilla.suse.com/782060 https://bugzilla.suse.com/916617 https://bugzilla.suse.com/937837 https://bugzilla.suse.com/951559 https://bugzilla.suse.com/951629 https://bugzilla.suse.com/956773 https://bugzilla.suse.com/962318 https://bugzilla.suse.com/962784 https://bugzilla.suse.com/962802 https://bugzilla.suse.com/962960 https://bugzilla.suse.com/962966 https://bugzilla.suse.com/962970 https://bugzilla.suse.com/962988 https://bugzilla.suse.com/962994 https://bugzilla.suse.com/962995 https://bugzilla.suse.com/962997 https://bugzilla.suse.com/963000 https://bugzilla.suse.com/963002 https://bugzilla.suse.com/975496 https://bugzilla.suse.com/975981