From sle-security-updates at lists.suse.com Tue May 2 10:10:14 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 2 May 2017 18:10:14 +0200 (CEST) Subject: SUSE-SU-2017:1143-1: important: Security update for xen Message-ID: <20170502161014.AB691101BF@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1143-1 Rating: important References: #1022703 #1028655 #1029827 #1030144 #1034843 #1034844 #1034994 #1036146 Cross-References: CVE-2016-9603 CVE-2017-7718 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that solves two vulnerabilities and has 6 fixes is now available. Description: This update for xen fixes several issues. These security issues were fixed: - A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843) - A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844). - CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994). - CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655) These non-security issues were fixed: - bsc#1029827: Additional xenstore patch - bsc#1036146: Xen VM dumped core to wrong path - bsc#1022703: Prevent Xen HVM guest with OVMF to hang with unattached CDRom Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-663=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-663=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-663=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 x86_64): xen-debugsource-4.7.2_04-39.1 xen-devel-4.7.2_04-39.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): xen-4.7.2_04-39.1 xen-debugsource-4.7.2_04-39.1 xen-doc-html-4.7.2_04-39.1 xen-libs-32bit-4.7.2_04-39.1 xen-libs-4.7.2_04-39.1 xen-libs-debuginfo-32bit-4.7.2_04-39.1 xen-libs-debuginfo-4.7.2_04-39.1 xen-tools-4.7.2_04-39.1 xen-tools-debuginfo-4.7.2_04-39.1 xen-tools-domU-4.7.2_04-39.1 xen-tools-domU-debuginfo-4.7.2_04-39.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): xen-4.7.2_04-39.1 xen-debugsource-4.7.2_04-39.1 xen-libs-32bit-4.7.2_04-39.1 xen-libs-4.7.2_04-39.1 xen-libs-debuginfo-32bit-4.7.2_04-39.1 xen-libs-debuginfo-4.7.2_04-39.1 References: https://www.suse.com/security/cve/CVE-2016-9603.html https://www.suse.com/security/cve/CVE-2017-7718.html https://bugzilla.suse.com/1022703 https://bugzilla.suse.com/1028655 https://bugzilla.suse.com/1029827 https://bugzilla.suse.com/1030144 https://bugzilla.suse.com/1034843 https://bugzilla.suse.com/1034844 https://bugzilla.suse.com/1034994 https://bugzilla.suse.com/1036146 From sle-security-updates at lists.suse.com Tue May 2 10:11:58 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 2 May 2017 18:11:58 +0200 (CEST) Subject: SUSE-SU-2017:1145-1: important: Security update for xen Message-ID: <20170502161158.7695C101BF@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1145-1 Rating: important References: #1028655 #1029827 #1030144 #1034843 #1034844 #1034845 #1034994 #1035483 Cross-References: CVE-2016-9603 CVE-2017-7718 CVE-2017-7980 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves three vulnerabilities and has 5 fixes is now available. Description: This update for xen fixes several issues. These security issues were fixed: - A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843) - A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844). - CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994). - CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655) These non-security issues were fixed: - bsc#1029827: Additional xenstore patch Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-xen-13084=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xen-13084=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xen-13084=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): xen-devel-4.4.4_18-57.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): xen-kmp-default-4.4.4_18_3.0.101_97-57.1 xen-libs-4.4.4_18-57.1 xen-tools-domU-4.4.4_18-57.1 - SUSE Linux Enterprise Server 11-SP4 (x86_64): xen-4.4.4_18-57.1 xen-doc-html-4.4.4_18-57.1 xen-libs-32bit-4.4.4_18-57.1 xen-tools-4.4.4_18-57.1 - SUSE Linux Enterprise Server 11-SP4 (i586): xen-kmp-pae-4.4.4_18_3.0.101_97-57.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): xen-debuginfo-4.4.4_18-57.1 xen-debugsource-4.4.4_18-57.1 References: https://www.suse.com/security/cve/CVE-2016-9603.html https://www.suse.com/security/cve/CVE-2017-7718.html https://www.suse.com/security/cve/CVE-2017-7980.html https://bugzilla.suse.com/1028655 https://bugzilla.suse.com/1029827 https://bugzilla.suse.com/1030144 https://bugzilla.suse.com/1034843 https://bugzilla.suse.com/1034844 https://bugzilla.suse.com/1034845 https://bugzilla.suse.com/1034994 https://bugzilla.suse.com/1035483 From sle-security-updates at lists.suse.com Tue May 2 10:13:28 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 2 May 2017 18:13:28 +0200 (CEST) Subject: SUSE-SU-2017:1146-1: important: Security update for xen Message-ID: <20170502161328.A35E2101BC@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1146-1 Rating: important References: #1028655 #1033948 #1034843 #1034844 #1034845 #1034994 #1035483 Cross-References: CVE-2016-9603 CVE-2017-7718 CVE-2017-7980 CVE-2017-7995 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 ______________________________________________________________________________ An update that solves four vulnerabilities and has three fixes is now available. Description: This update for xen fixes several security issues: - A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843) - A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844). - CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994). - CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-xen-13085=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-xen-13085=1 - SUSE Manager 2.1: zypper in -t patch sleman21-xen-13085=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-xen-13085=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-xen-13085=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): xen-4.2.5_21-41.1 xen-doc-html-4.2.5_21-41.1 xen-doc-pdf-4.2.5_21-41.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.99-41.1 xen-libs-32bit-4.2.5_21-41.1 xen-libs-4.2.5_21-41.1 xen-tools-4.2.5_21-41.1 xen-tools-domU-4.2.5_21-41.1 - SUSE Manager Proxy 2.1 (x86_64): xen-4.2.5_21-41.1 xen-doc-html-4.2.5_21-41.1 xen-doc-pdf-4.2.5_21-41.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.99-41.1 xen-libs-32bit-4.2.5_21-41.1 xen-libs-4.2.5_21-41.1 xen-tools-4.2.5_21-41.1 xen-tools-domU-4.2.5_21-41.1 - SUSE Manager 2.1 (x86_64): xen-4.2.5_21-41.1 xen-doc-html-4.2.5_21-41.1 xen-doc-pdf-4.2.5_21-41.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.99-41.1 xen-libs-32bit-4.2.5_21-41.1 xen-libs-4.2.5_21-41.1 xen-tools-4.2.5_21-41.1 xen-tools-domU-4.2.5_21-41.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64): xen-kmp-default-4.2.5_21_3.0.101_0.47.99-41.1 xen-libs-4.2.5_21-41.1 xen-tools-domU-4.2.5_21-41.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (x86_64): xen-4.2.5_21-41.1 xen-doc-html-4.2.5_21-41.1 xen-doc-pdf-4.2.5_21-41.1 xen-libs-32bit-4.2.5_21-41.1 xen-tools-4.2.5_21-41.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586): xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-41.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): xen-kmp-default-4.2.5_21_3.0.101_0.47.99-41.1 xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-41.1 xen-libs-4.2.5_21-41.1 xen-tools-domU-4.2.5_21-41.1 References: https://www.suse.com/security/cve/CVE-2016-9603.html https://www.suse.com/security/cve/CVE-2017-7718.html https://www.suse.com/security/cve/CVE-2017-7980.html https://www.suse.com/security/cve/CVE-2017-7995.html https://bugzilla.suse.com/1028655 https://bugzilla.suse.com/1033948 https://bugzilla.suse.com/1034843 https://bugzilla.suse.com/1034844 https://bugzilla.suse.com/1034845 https://bugzilla.suse.com/1034994 https://bugzilla.suse.com/1035483 From sle-security-updates at lists.suse.com Tue May 2 10:14:45 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 2 May 2017 18:14:45 +0200 (CEST) Subject: SUSE-SU-2017:1147-1: important: Security update for xen Message-ID: <20170502161445.7B513101BF@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1147-1 Rating: important References: #1015348 #1022555 #1026636 #1027519 #1027570 #1028235 #1028655 #1029827 #1030144 #1030442 #1034843 #1034844 #1034845 #1034994 #1035483 Cross-References: CVE-2016-9603 CVE-2017-2633 CVE-2017-6414 CVE-2017-6505 CVE-2017-7718 CVE-2017-7980 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has 9 fixes is now available. Description: This update for xen fixes several issues. These security issues were fixed: - A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843) - A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844). - CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994). - CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655) These non-security issues were fixed: - bsc#1027519: Missing upstream bug fixes - bsc#1015348: libvirtd does not start during boot - bsc#1022555: Timeout in "execution of /etc/xen/scripts/block add Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-661=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-661=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-661=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (x86_64): xen-debugsource-4.5.5_10-22.14.1 xen-devel-4.5.5_10-22.14.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): xen-4.5.5_10-22.14.1 xen-debugsource-4.5.5_10-22.14.1 xen-doc-html-4.5.5_10-22.14.1 xen-kmp-default-4.5.5_10_k3.12.69_60.64.35-22.14.1 xen-kmp-default-debuginfo-4.5.5_10_k3.12.69_60.64.35-22.14.1 xen-libs-32bit-4.5.5_10-22.14.1 xen-libs-4.5.5_10-22.14.1 xen-libs-debuginfo-32bit-4.5.5_10-22.14.1 xen-libs-debuginfo-4.5.5_10-22.14.1 xen-tools-4.5.5_10-22.14.1 xen-tools-debuginfo-4.5.5_10-22.14.1 xen-tools-domU-4.5.5_10-22.14.1 xen-tools-domU-debuginfo-4.5.5_10-22.14.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): xen-4.5.5_10-22.14.1 xen-debugsource-4.5.5_10-22.14.1 xen-kmp-default-4.5.5_10_k3.12.69_60.64.35-22.14.1 xen-kmp-default-debuginfo-4.5.5_10_k3.12.69_60.64.35-22.14.1 xen-libs-32bit-4.5.5_10-22.14.1 xen-libs-4.5.5_10-22.14.1 xen-libs-debuginfo-32bit-4.5.5_10-22.14.1 xen-libs-debuginfo-4.5.5_10-22.14.1 References: https://www.suse.com/security/cve/CVE-2016-9603.html https://www.suse.com/security/cve/CVE-2017-2633.html https://www.suse.com/security/cve/CVE-2017-6414.html https://www.suse.com/security/cve/CVE-2017-6505.html https://www.suse.com/security/cve/CVE-2017-7718.html https://www.suse.com/security/cve/CVE-2017-7980.html https://bugzilla.suse.com/1015348 https://bugzilla.suse.com/1022555 https://bugzilla.suse.com/1026636 https://bugzilla.suse.com/1027519 https://bugzilla.suse.com/1027570 https://bugzilla.suse.com/1028235 https://bugzilla.suse.com/1028655 https://bugzilla.suse.com/1029827 https://bugzilla.suse.com/1030144 https://bugzilla.suse.com/1030442 https://bugzilla.suse.com/1034843 https://bugzilla.suse.com/1034844 https://bugzilla.suse.com/1034845 https://bugzilla.suse.com/1034994 https://bugzilla.suse.com/1035483 From sle-security-updates at lists.suse.com Tue May 2 10:17:32 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 2 May 2017 18:17:32 +0200 (CEST) Subject: SUSE-SU-2017:1148-1: important: Security update for xen Message-ID: <20170502161732.83DEB101BF@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1148-1 Rating: important References: #1029827 #1034843 #1034844 #1034845 #1034994 #1035483 Cross-References: CVE-2017-7718 CVE-2017-7980 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves two vulnerabilities and has four fixes is now available. Description: This update for xen fixes several issues. These security issues were fixed: - CVE-2017-7980: An out-of-bounds r/w access issues in the Cirrus CLGD 54xx VGA Emulator support allowed privileged user inside guest to use this flaw to crash the Qemu process resulting in DoS or potentially execute arbitrary code on a host with privileges of Qemu process on the host (bsc#1035483). - A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843) - A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844). - Incorrect checks when handling exceptions allowed a malicious or buggy 64-bit PV guest to modify part of a physical memory page not belonging to it, potentially allowing for all of privilege escalation, host or other guest crashes, and information leaks (XSA-215, bsc#1034845) - CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994). This non-security issue was fixed: - bsc#1029827: Additional xenstore fixes Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-665=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-665=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): xen-4.4.4_18-22.39.1 xen-debugsource-4.4.4_18-22.39.1 xen-doc-html-4.4.4_18-22.39.1 xen-kmp-default-4.4.4_18_k3.12.61_52.69-22.39.1 xen-kmp-default-debuginfo-4.4.4_18_k3.12.61_52.69-22.39.1 xen-libs-32bit-4.4.4_18-22.39.1 xen-libs-4.4.4_18-22.39.1 xen-libs-debuginfo-32bit-4.4.4_18-22.39.1 xen-libs-debuginfo-4.4.4_18-22.39.1 xen-tools-4.4.4_18-22.39.1 xen-tools-debuginfo-4.4.4_18-22.39.1 xen-tools-domU-4.4.4_18-22.39.1 xen-tools-domU-debuginfo-4.4.4_18-22.39.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): xen-4.4.4_18-22.39.1 xen-debugsource-4.4.4_18-22.39.1 xen-doc-html-4.4.4_18-22.39.1 xen-kmp-default-4.4.4_18_k3.12.61_52.69-22.39.1 xen-kmp-default-debuginfo-4.4.4_18_k3.12.61_52.69-22.39.1 xen-libs-32bit-4.4.4_18-22.39.1 xen-libs-4.4.4_18-22.39.1 xen-libs-debuginfo-32bit-4.4.4_18-22.39.1 xen-libs-debuginfo-4.4.4_18-22.39.1 xen-tools-4.4.4_18-22.39.1 xen-tools-debuginfo-4.4.4_18-22.39.1 xen-tools-domU-4.4.4_18-22.39.1 xen-tools-domU-debuginfo-4.4.4_18-22.39.1 References: https://www.suse.com/security/cve/CVE-2017-7718.html https://www.suse.com/security/cve/CVE-2017-7980.html https://bugzilla.suse.com/1029827 https://bugzilla.suse.com/1034843 https://bugzilla.suse.com/1034844 https://bugzilla.suse.com/1034845 https://bugzilla.suse.com/1034994 https://bugzilla.suse.com/1035483 From sle-security-updates at lists.suse.com Tue May 2 13:08:53 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 2 May 2017 21:08:53 +0200 (CEST) Subject: SUSE-SU-2017:1149-1: important: Security update for graphite2 Message-ID: <20170502190853.880AD101BF@maintenance.suse.de> SUSE Security Update: Security update for graphite2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1149-1 Rating: important References: #1035204 Cross-References: CVE-2017-5436 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for graphite2 fixes one issue. This security issues was fixed: - CVE-2017-5436: An out-of-bounds write triggered with a maliciously crafted Graphite font could lead to a crash or potentially code execution (bsc#1035204). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-668=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-668=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-668=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-668=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-668=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-668=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-668=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): graphite2-debuginfo-1.3.1-9.1 graphite2-debugsource-1.3.1-9.1 graphite2-devel-1.3.1-9.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): graphite2-debuginfo-1.3.1-9.1 graphite2-debugsource-1.3.1-9.1 graphite2-devel-1.3.1-9.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): graphite2-debuginfo-1.3.1-9.1 graphite2-debugsource-1.3.1-9.1 libgraphite2-3-1.3.1-9.1 libgraphite2-3-debuginfo-1.3.1-9.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): graphite2-debuginfo-1.3.1-9.1 graphite2-debugsource-1.3.1-9.1 libgraphite2-3-1.3.1-9.1 libgraphite2-3-debuginfo-1.3.1-9.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libgraphite2-3-32bit-1.3.1-9.1 libgraphite2-3-debuginfo-32bit-1.3.1-9.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): graphite2-debuginfo-1.3.1-9.1 graphite2-debugsource-1.3.1-9.1 libgraphite2-3-1.3.1-9.1 libgraphite2-3-debuginfo-1.3.1-9.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libgraphite2-3-32bit-1.3.1-9.1 libgraphite2-3-debuginfo-32bit-1.3.1-9.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): graphite2-debuginfo-1.3.1-9.1 graphite2-debugsource-1.3.1-9.1 libgraphite2-3-1.3.1-9.1 libgraphite2-3-32bit-1.3.1-9.1 libgraphite2-3-debuginfo-1.3.1-9.1 libgraphite2-3-debuginfo-32bit-1.3.1-9.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): graphite2-debuginfo-1.3.1-9.1 graphite2-debugsource-1.3.1-9.1 libgraphite2-3-1.3.1-9.1 libgraphite2-3-32bit-1.3.1-9.1 libgraphite2-3-debuginfo-1.3.1-9.1 libgraphite2-3-debuginfo-32bit-1.3.1-9.1 References: https://www.suse.com/security/cve/CVE-2017-5436.html https://bugzilla.suse.com/1035204 From sle-security-updates at lists.suse.com Wed May 3 07:09:03 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 3 May 2017 15:09:03 +0200 (CEST) Subject: SUSE-SU-2017:1151-1: moderate: Security update for apparmor Message-ID: <20170503130903.7D78F101BC@maintenance.suse.de> SUSE Security Update: Security update for apparmor ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1151-1 Rating: moderate References: #1000201 #1016259 #1022610 #1029696 #1031529 Cross-References: CVE-2017-6507 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: This update for apparmor provides the following fixes: This security issue was fixed: - CVE-2017-6507: Preserve unknown profiles when reloading apparmor.service (bsc#1029696) These non-security issues were fixed: - Add tunables/kernelvars abstraction. (bsc#1031529) - Update flags of ntpd profile. (bsc#1022610) - Force AppArmor to start after /var/lib mounts. (bsc#1016259) - Update mlmmj profiles. (bsc#1000201) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-669=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-669=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-669=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-669=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-669=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-669=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-669=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-669=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): apparmor-debugsource-2.8.2-54.1 libapparmor-devel-2.8.2-54.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): apparmor-debugsource-2.8.2-54.1 libapparmor-devel-2.8.2-54.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): apache2-mod_apparmor-2.8.2-54.1 apache2-mod_apparmor-debuginfo-2.8.2-54.1 apparmor-debugsource-2.8.2-54.1 apparmor-parser-2.8.2-54.1 apparmor-parser-debuginfo-2.8.2-54.1 libapparmor1-2.8.2-54.1 libapparmor1-debuginfo-2.8.2-54.1 pam_apparmor-2.8.2-54.1 perl-apparmor-2.8.2-54.1 perl-apparmor-debuginfo-2.8.2-54.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): apparmor-docs-2.8.2-54.1 apparmor-profiles-2.8.2-54.1 apparmor-utils-2.8.2-54.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): apache2-mod_apparmor-2.8.2-54.1 apache2-mod_apparmor-debuginfo-2.8.2-54.1 apparmor-debugsource-2.8.2-54.1 apparmor-parser-2.8.2-54.1 apparmor-parser-debuginfo-2.8.2-54.1 libapparmor1-2.8.2-54.1 libapparmor1-debuginfo-2.8.2-54.1 pam_apparmor-2.8.2-54.1 perl-apparmor-2.8.2-54.1 perl-apparmor-debuginfo-2.8.2-54.1 - SUSE Linux Enterprise Server 12-SP2 (ppc64le x86_64): pam_apparmor-debuginfo-2.8.2-54.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): apparmor-docs-2.8.2-54.1 apparmor-profiles-2.8.2-54.1 apparmor-utils-2.8.2-54.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libapparmor1-32bit-2.8.2-54.1 libapparmor1-debuginfo-32bit-2.8.2-54.1 pam_apparmor-32bit-2.8.2-54.1 pam_apparmor-debuginfo-32bit-2.8.2-54.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): apache2-mod_apparmor-2.8.2-54.1 apache2-mod_apparmor-debuginfo-2.8.2-54.1 apparmor-debugsource-2.8.2-54.1 apparmor-parser-2.8.2-54.1 apparmor-parser-debuginfo-2.8.2-54.1 libapparmor1-2.8.2-54.1 libapparmor1-debuginfo-2.8.2-54.1 pam_apparmor-2.8.2-54.1 pam_apparmor-debuginfo-2.8.2-54.1 perl-apparmor-2.8.2-54.1 perl-apparmor-debuginfo-2.8.2-54.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libapparmor1-32bit-2.8.2-54.1 libapparmor1-debuginfo-32bit-2.8.2-54.1 pam_apparmor-32bit-2.8.2-54.1 pam_apparmor-debuginfo-32bit-2.8.2-54.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): apparmor-docs-2.8.2-54.1 apparmor-profiles-2.8.2-54.1 apparmor-utils-2.8.2-54.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): apparmor-docs-2.8.2-54.1 apparmor-profiles-2.8.2-54.1 apparmor-utils-2.8.2-54.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): apparmor-debugsource-2.8.2-54.1 apparmor-parser-2.8.2-54.1 apparmor-parser-debuginfo-2.8.2-54.1 libapparmor1-2.8.2-54.1 libapparmor1-32bit-2.8.2-54.1 libapparmor1-debuginfo-2.8.2-54.1 libapparmor1-debuginfo-32bit-2.8.2-54.1 pam_apparmor-2.8.2-54.1 pam_apparmor-32bit-2.8.2-54.1 pam_apparmor-debuginfo-2.8.2-54.1 pam_apparmor-debuginfo-32bit-2.8.2-54.1 perl-apparmor-2.8.2-54.1 perl-apparmor-debuginfo-2.8.2-54.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): apparmor-docs-2.8.2-54.1 apparmor-profiles-2.8.2-54.1 apparmor-utils-2.8.2-54.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): apparmor-debugsource-2.8.2-54.1 apparmor-parser-2.8.2-54.1 apparmor-parser-debuginfo-2.8.2-54.1 libapparmor1-2.8.2-54.1 libapparmor1-32bit-2.8.2-54.1 libapparmor1-debuginfo-2.8.2-54.1 libapparmor1-debuginfo-32bit-2.8.2-54.1 pam_apparmor-2.8.2-54.1 pam_apparmor-32bit-2.8.2-54.1 pam_apparmor-debuginfo-2.8.2-54.1 pam_apparmor-debuginfo-32bit-2.8.2-54.1 perl-apparmor-2.8.2-54.1 perl-apparmor-debuginfo-2.8.2-54.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): apparmor-debugsource-2.8.2-54.1 apparmor-parser-2.8.2-54.1 apparmor-parser-debuginfo-2.8.2-54.1 libapparmor1-2.8.2-54.1 libapparmor1-debuginfo-2.8.2-54.1 References: https://www.suse.com/security/cve/CVE-2017-6507.html https://bugzilla.suse.com/1000201 https://bugzilla.suse.com/1016259 https://bugzilla.suse.com/1022610 https://bugzilla.suse.com/1029696 https://bugzilla.suse.com/1031529 From sle-security-updates at lists.suse.com Wed May 3 07:10:10 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 3 May 2017 15:10:10 +0200 (CEST) Subject: SUSE-SU-2017:1153-1: important: Security update for ghostscript-library Message-ID: <20170503131010.CE23C101BC@maintenance.suse.de> SUSE Security Update: Security update for ghostscript-library ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1153-1 Rating: important References: #1036453 Cross-References: CVE-2017-8291 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ghostscript fixes the following security vulnerability: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. (bsc#1036453) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-ghostscript-library-13086=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ghostscript-library-13086=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ghostscript-library-13086=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): ghostscript-devel-8.62-32.44.1 ghostscript-ijs-devel-8.62-32.44.1 libgimpprint-devel-4.2.7-32.44.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ghostscript-fonts-other-8.62-32.44.1 ghostscript-fonts-rus-8.62-32.44.1 ghostscript-fonts-std-8.62-32.44.1 ghostscript-library-8.62-32.44.1 ghostscript-omni-8.62-32.44.1 ghostscript-x11-8.62-32.44.1 libgimpprint-4.2.7-32.44.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ghostscript-library-debuginfo-8.62-32.44.1 ghostscript-library-debugsource-8.62-32.44.1 References: https://www.suse.com/security/cve/CVE-2017-8291.html https://bugzilla.suse.com/1036453 From sle-security-updates at lists.suse.com Wed May 3 13:10:11 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 3 May 2017 21:10:11 +0200 (CEST) Subject: SUSE-SU-2017:1156-1: moderate: Security update for firebird Message-ID: <20170503191011.6FBBD101BE@maintenance.suse.de> SUSE Security Update: Security update for firebird ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1156-1 Rating: moderate References: #1023990 Cross-References: CVE-2017-6369 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for firebird fixes the following security issues: - CVE-2017-6369: Insufficient checks in the UDF subsystem in Firebird allowed remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so (bsc#1023990). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-671=1 - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-671=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-671=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-671=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-671=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-671=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): firebird-classic-debuginfo-2.5.2.26539-15.1 firebird-classic-debugsource-2.5.2.26539-15.1 libfbembed2_5-2.5.2.26539-15.1 libfbembed2_5-debuginfo-2.5.2.26539-15.1 - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): firebird-classic-debuginfo-2.5.2.26539-15.1 firebird-classic-debugsource-2.5.2.26539-15.1 libfbembed2_5-2.5.2.26539-15.1 libfbembed2_5-debuginfo-2.5.2.26539-15.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): firebird-classic-debuginfo-2.5.2.26539-15.1 firebird-classic-debugsource-2.5.2.26539-15.1 libfbembed-devel-2.5.2.26539-15.1 libfbembed2_5-2.5.2.26539-15.1 libfbembed2_5-debuginfo-2.5.2.26539-15.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): firebird-classic-debuginfo-2.5.2.26539-15.1 firebird-classic-debugsource-2.5.2.26539-15.1 firebird-debuginfo-2.5.2.26539-15.1 firebird-debugsource-2.5.2.26539-15.1 firebird-devel-2.5.2.26539-15.1 libfbembed-devel-2.5.2.26539-15.1 libfbembed2_5-2.5.2.26539-15.1 libfbembed2_5-debuginfo-2.5.2.26539-15.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): firebird-classic-debuginfo-2.5.2.26539-15.1 firebird-classic-debugsource-2.5.2.26539-15.1 libfbembed2_5-2.5.2.26539-15.1 libfbembed2_5-debuginfo-2.5.2.26539-15.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): firebird-classic-debuginfo-2.5.2.26539-15.1 firebird-classic-debugsource-2.5.2.26539-15.1 libfbembed2_5-2.5.2.26539-15.1 libfbembed2_5-debuginfo-2.5.2.26539-15.1 References: https://www.suse.com/security/cve/CVE-2017-6369.html https://bugzilla.suse.com/1023990 From sle-security-updates at lists.suse.com Thu May 4 07:09:27 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 4 May 2017 15:09:27 +0200 (CEST) Subject: SUSE-SU-2017:1174-1: moderate: Security update for wireshark Message-ID: <20170504130927.A804D101C1@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1174-1 Rating: moderate References: #1002981 #1010735 #1010740 #1010752 #1010754 #1010911 #1021739 #1025913 #1027998 #1033936 #1033937 #1033938 #1033939 #1033940 #1033941 #1033942 #1033943 #1033944 #1033945 #998761 #998762 #998763 #998800 #998963 #998964 Cross-References: CVE-2016-7175 CVE-2016-7176 CVE-2016-7177 CVE-2016-7178 CVE-2016-7179 CVE-2016-7180 CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376 CVE-2017-5596 CVE-2017-5597 CVE-2017-6014 CVE-2017-7700 CVE-2017-7701 CVE-2017-7702 CVE-2017-7703 CVE-2017-7704 CVE-2017-7705 CVE-2017-7745 CVE-2017-7746 CVE-2017-7747 CVE-2017-7748 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 23 vulnerabilities and has two fixes is now available. Description: Wireshark was updated to version 2.0.12, which brings several new features, enhancements and bug fixes. These security issues were fixed: - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size (bsc#1033936). - CVE-2017-7701: In Wireshark the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type (bsc#1033937). - CVE-2017-7702: In Wireshark the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation (bsc#1033938). - CVE-2017-7703: In Wireshark the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly (bsc#1033939). - CVE-2017-7704: In Wireshark the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value (bsc#1033940). - CVE-2017-7705: In Wireshark the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset (bsc#1033941). - CVE-2017-7745: In Wireshark the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check (bsc#1033942). - CVE-2017-7746: In Wireshark the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length (bsc#1033943). - CVE-2017-7747: In Wireshark the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree (bsc#1033944). - CVE-2017-7748: In Wireshark the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check (bsc#1033945). - CVE-2016-7179: Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark allowed remote attackers to cause a denial of service (application crash) via a crafted packet (bsc#998963). - CVE-2016-9376: In Wireshark the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large (bsc#1010735). - CVE-2016-9375: In Wireshark the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful (bsc#1010740). - CVE-2016-9374: In Wireshark the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable (bsc#1010752). - CVE-2016-9373: In Wireshark the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings (bsc#1010754). - CVE-2016-7175: epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark mishandled MAC address data, which allowed remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet (bsc#998761). - CVE-2016-7176: epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark called snprintf with one of its input buffers as the output buffer, which allowed remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet (bsc#998762). - CVE-2016-7177: epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark did not restrict the number of channels, which allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet (bsc#998763). - CVE-2016-7180: epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark did not properly consider whether a string is constant, which allowed remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet (bsc#998800). - CVE-2016-7178: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark did not ensure that memory is allocated for certain data structures, which allowed remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet (bsc#998964). - CVE-2017-6014: In Wireshark a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory (bsc#1025913). - CVE-2017-5596: In Wireshark the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow (bsc#1021739). - CVE-2017-5597: In Wireshark the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow (bsc#1021739). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-wireshark-13089=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-wireshark-13089=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-wireshark-13089=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): wireshark-devel-2.0.12-36.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): wireshark-2.0.12-36.1 wireshark-gtk-2.0.12-36.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): wireshark-2.0.12-36.1 wireshark-gtk-2.0.12-36.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): wireshark-debuginfo-2.0.12-36.1 wireshark-debugsource-2.0.12-36.1 References: https://www.suse.com/security/cve/CVE-2016-7175.html https://www.suse.com/security/cve/CVE-2016-7176.html https://www.suse.com/security/cve/CVE-2016-7177.html https://www.suse.com/security/cve/CVE-2016-7178.html https://www.suse.com/security/cve/CVE-2016-7179.html https://www.suse.com/security/cve/CVE-2016-7180.html https://www.suse.com/security/cve/CVE-2016-9373.html https://www.suse.com/security/cve/CVE-2016-9374.html https://www.suse.com/security/cve/CVE-2016-9375.html https://www.suse.com/security/cve/CVE-2016-9376.html https://www.suse.com/security/cve/CVE-2017-5596.html https://www.suse.com/security/cve/CVE-2017-5597.html https://www.suse.com/security/cve/CVE-2017-6014.html https://www.suse.com/security/cve/CVE-2017-7700.html https://www.suse.com/security/cve/CVE-2017-7701.html https://www.suse.com/security/cve/CVE-2017-7702.html https://www.suse.com/security/cve/CVE-2017-7703.html https://www.suse.com/security/cve/CVE-2017-7704.html https://www.suse.com/security/cve/CVE-2017-7705.html https://www.suse.com/security/cve/CVE-2017-7745.html https://www.suse.com/security/cve/CVE-2017-7746.html https://www.suse.com/security/cve/CVE-2017-7747.html https://www.suse.com/security/cve/CVE-2017-7748.html https://bugzilla.suse.com/1002981 https://bugzilla.suse.com/1010735 https://bugzilla.suse.com/1010740 https://bugzilla.suse.com/1010752 https://bugzilla.suse.com/1010754 https://bugzilla.suse.com/1010911 https://bugzilla.suse.com/1021739 https://bugzilla.suse.com/1025913 https://bugzilla.suse.com/1027998 https://bugzilla.suse.com/1033936 https://bugzilla.suse.com/1033937 https://bugzilla.suse.com/1033938 https://bugzilla.suse.com/1033939 https://bugzilla.suse.com/1033940 https://bugzilla.suse.com/1033941 https://bugzilla.suse.com/1033942 https://bugzilla.suse.com/1033943 https://bugzilla.suse.com/1033944 https://bugzilla.suse.com/1033945 https://bugzilla.suse.com/998761 https://bugzilla.suse.com/998762 https://bugzilla.suse.com/998763 https://bugzilla.suse.com/998800 https://bugzilla.suse.com/998963 https://bugzilla.suse.com/998964 From sle-security-updates at lists.suse.com Thu May 4 07:13:57 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 4 May 2017 15:13:57 +0200 (CEST) Subject: SUSE-SU-2017:1175-1: important: Security update for MozillaFirefox, mozilla-nss, mozilla-nspr Message-ID: <20170504131357.BD3DD101C1@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox, mozilla-nss, mozilla-nspr ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1175-1 Rating: important References: #1015499 #1015547 #1021636 #1030071 #1035082 #983639 Cross-References: CVE-2016-1950 CVE-2016-2834 CVE-2016-8635 CVE-2016-9574 CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5437 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5469 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes 29 vulnerabilities is now available. Description: Mozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla NSS was updated to support TLS 1.3 (close to release draft) and various new ciphers, PRFs, Diffie Hellman key agreement and support for more hashes. Security issues fixed in Firefox (bsc#1035082) - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generated code - MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 - MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing - MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing - MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent library - MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2 - MFSA 2017-11/CVE-2017-5435: Use-after-free during transaction processing in the editor - MFSA 2017-11/CVE-2017-5434: Use-after-free during focus handling - MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL animation functions - MFSA 2017-11/CVE-2017-5432: Use-after-free in text input selection - MFSA 2017-11/CVE-2017-5464: Memory corruption with accessibility and DOM manipulation - MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in ConvolvePixel - MFSA 2017-11/CVE-2017-5460: Use-after-free in frame selection - MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor - MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data - MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during glyph processing - MFSA 2017-11/CVE-2017-5444: Buffer overflow while parsing application/http-index-format content - MFSA 2017-11/CVE-2017-5445: Uninitialized values used while parsing application/http-index-format content - MFSA 2017-11/CVE-2017-5442: Use-after-free during style changes - MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during BinHex decoding - MFSA 2017-11/CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing - MFSA 2017-11/CVE-2017-5441: Use-after-free with selection during scroll events - MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL Mozilla NSS was updated to 3.29.5, bringing new features and fixing bugs: - Update to NSS 3.29.5: * MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64 decoder and encoder were fixed. * MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG was fixed. * CVE-2016-9574: Remote DoS during session handshake when using SessionTicket extention and ECDHE-ECDSA (bsc#1015499). * requires NSPR >= 4.13.1 - Update to NSS 3.29.3 * enables TLS 1.3 by default - Fixed a bug in hash computation (and build with GCC 7 which complains about shifts of boolean values). (bsc#1030071, bmo#1348767) - Update to NSS 3.28.3 This is a patch release to fix binary compatibility issues. - Update to NSS 3.28.1 This is a patch release to update the list of root CA certificates. * The following CA certificates were Removed CN = Buypass Class 2 CA 1 CN = Root CA Generalitat Valenciana OU = RSA Security 2048 V3 * The following CA certificates were Added OU = AC RAIZ FNMT-RCM CN = Amazon Root CA 1 CN = Amazon Root CA 2 CN = Amazon Root CA 3 CN = Amazon Root CA 4 CN = LuxTrust Global Root 2 CN = Symantec Class 1 Public Primary Certification Authority - G4 CN = Symantec Class 1 Public Primary Certification Authority - G6 CN = Symantec Class 2 Public Primary Certification Authority - G4 CN = Symantec Class 2 Public Primary Certification Authority - G6 * The version number of the updated root CA list has been set to 2.11 - Update to NSS 3.28 New functionality: * NSS includes support for TLS 1.3 draft -18. This includes a number of improvements to TLS 1.3: - The signed certificate timestamp, used in certificate transparency, is supported in TLS 1.3. - Key exporters for TLS 1.3 are supported. This includes the early key exporter, which can be used if 0-RTT is enabled. Note that there is a difference between TLS 1.3 and key exporters in older versions of TLS. TLS 1.3 does not distinguish between an empty context and no context. - The TLS 1.3 (draft) protocol can be enabled, by defining NSS_ENABLE_TLS_1_3=1 when building NSS. - NSS includes support for the X25519 key exchange algorithm, which is supported and enabled by default in all versions of TLS. Notable Changes: * NSS can no longer be compiled with support for additional elliptic curves. This was previously possible by replacing certain NSS source files. * NSS will now detect the presence of tokens that support additional elliptic curves and enable those curves for use in TLS. Note that this detection has a one-off performance cost, which can be avoided by using the SSL_NamedGroupConfig function to limit supported groups to those that NSS provides. * PKCS#11 bypass for TLS is no longer supported and has been removed. * Support for "export" grade SSL/TLS cipher suites has been removed. * NSS now uses the signature schemes definition in TLS 1.3. This also affects TLS 1.2. NSS will now only generate signatures with the combinations of hash and signature scheme that are defined in TLS 1.3, even when negotiating TLS 1.2. - This means that SHA-256 will only be used with P-256 ECDSA certificates, SHA-384 with P-384 certificates, and SHA-512 with P-521 certificates. SHA-1 is permitted (in TLS 1.2 only) with any certificate for backward compatibility reasons. - NSS will now no longer assume that default signature schemes are supported by a peer if there was no commonly supported signature scheme. * NSS will now check if RSA-PSS signing is supported by the token that holds the private key prior to using it for TLS. * The certificate validation code contains checks to no longer trust certificates that are issued by old WoSign and StartCom CAs after October 21, 2016. This is equivalent to the behavior that Mozilla will release with Firefox 51. - Update to NSS 3.27.2 * Fixed SSL_SetTrustAnchors leaks (bmo#1318561) - raised the minimum softokn/freebl version to 3.28 as reported in (boo#1021636) - Update to NSS 3.26.2 New Functionality: * the selfserv test utility has been enhanced to support ALPN (HTTP/1.1) and 0-RTT * added support for the System-wide crypto policy available on Fedora Linux see http://fedoraproject.org/wiki/Changes/CryptoPolicy * introduced build flag NSS_DISABLE_LIBPKIX that allows compilation of NSS without the libpkix library Notable Changes: * The following CA certificate was Added CN = ISRG Root X1 * NPN is disabled and ALPN is enabled by default * the NSS test suite now completes with the experimental TLS 1.3 code enabled * several test improvements and additions, including a NIST known answer test Changes in 3.26.2 * MD5 signature algorithms sent by the server in CertificateRequest messages are now properly ignored. Previously, with rare server configurations, an MD5 signature algorithm might have been selected for client authentication and caused the client to abort the connection soon after. - Update to NSS 3.25 New functionality: * Implemented DHE key agreement for TLS 1.3 * Added support for ChaCha with TLS 1.3 * Added support for TLS 1.2 ciphersuites that use SHA384 as the PRF * In previous versions, when using client authentication with TLS 1.2, NSS only supported certificate_verify messages that used the same signature hash algorithm as used by the PRF. This limitation has been removed. Notable changes: * An SSL socket can no longer be configured to allow both TLS 1.3 and SSLv3 * Regression fix: NSS no longer reports a failure if an application attempts to disable the SSLv2 protocol. * The list of trusted CA certificates has been updated to version 2.8 * The following CA certificate was Removed Sonera Class1 CA * The following CA certificates were Added Hellenic Academic and Research Institutions RootCA 2015 Hellenic Academic and Research Institutions ECC RootCA 2015 Certplus Root CA G1 Certplus Root CA G2 OpenTrust Root CA G1 OpenTrust Root CA G2 OpenTrust Root CA G3 - Update to NSS 3.24 New functionality: * NSS softoken has been updated with the latest National Institute of Standards and Technology (NIST) guidance (as of 2015): - Software integrity checks and POST functions are executed on shared library load. These checks have been disabled by default, as they can cause a performance regression. To enable these checks, you must define symbol NSS_FORCE_FIPS when building NSS. - Counter mode and Galois/Counter Mode (GCM) have checks to prevent counter overflow. - Additional CSPs are zeroed in the code. - NSS softoken uses new guidance for how many Rabin-Miller tests are needed to verify a prime based on prime size. * NSS softoken has also been updated to allow NSS to run in FIPS Level 1 (no password). This mode is triggered by setting the database password to the empty string. In FIPS mode, you may move from Level 1 to Level 2 (by setting an appropriate password), but not the reverse. * A SSL_ConfigServerCert function has been added for configuring SSL/TLS server sockets with a certificate and private key. Use this new function in place of SSL_ConfigSecureServer, SSL_ConfigSecureServerWithCertChain, SSL_SetStapledOCSPResponses, and SSL_SetSignedCertTimestamps. SSL_ConfigServerCert automatically determines the certificate type from the certificate and private key. The caller is no longer required to use SSLKEAType explicitly to select a "slot" into which the certificate is configured (which incorrectly identifies a key agreement type rather than a certificate). Separate functions for configuring Online Certificate Status Protocol (OCSP) responses or Signed Certificate Timestamps are not needed, since these can be added to the optional SSLExtraServerCertData struct provided to SSL_ConfigServerCert. Also, partial support for RSA Probabilistic Signature Scheme (RSA-PSS) certificates has been added. Although these certificates can be configured, they will not be used by NSS in this version. * Deprecate the member attribute authAlgorithm of type SSLCipherSuiteInfo. Instead, applications should use the newly added attribute authType. * Add a shared library (libfreeblpriv3) on Linux platforms that define FREEBL_LOWHASH. * Remove most code related to SSL v2, including the ability to actively send a SSLv2-compatible client hello. However, the server-side implementation of the SSL/TLS protocol still supports processing of received v2-compatible client hello messages. * Disable (by default) NSS support in optimized builds for logging SSL/TLS key material to a logfile if the SSLKEYLOGFILE environment variable is set. To enable the functionality in optimized builds, you must define the symbol NSS_ALLOW_SSLKEYLOGFILE when building NSS. * Update NSS to protect it against the Cachebleed attack. * Disable support for DTLS compression. * Improve support for TLS 1.3. This includes support for DTLS 1.3. Note that TLS 1.3 support is experimental and not suitable for production use. - Update to NSS 3.23 New functionality: * ChaCha20/Poly1305 cipher and TLS cipher suites now supported * Experimental-only support TLS 1.3 1-RTT mode (draft-11). This code is not ready for production use. Notable changes: * The list of TLS extensions sent in the TLS handshake has been reordered to increase compatibility of the Extended Master Secret with with servers * The build time environment variable NSS_ENABLE_ZLIB has been renamed to NSS_SSL_ENABLE_ZLIB * The build time environment variable NSS_DISABLE_CHACHAPOLY was added, which can be used to prevent compilation of the ChaCha20/Poly1305 code. * The following CA certificates were Removed - Staat der Nederlanden Root CA - NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado - NetLock Kozjegyzoi (Class A) Tanusitvanykiado - NetLock Uzleti (Class B) Tanusitvanykiado - NetLock Expressz (Class C) Tanusitvanykiado - VeriSign Class 1 Public PCA - G2 - VeriSign Class 3 Public PCA - VeriSign Class 3 Public PCA - G2 - CA Disig * The following CA certificates were Added + SZAFIR ROOT CA2 + Certum Trusted Network CA 2 * The following CA certificate had the Email trust bit turned on + Actalis Authentication Root CA Security fixes: * CVE-2016-2834: Memory safety bugs (boo#983639) MFSA-2016-61 bmo#1206283 bmo#1221620 bmo#1241034 bmo#1241037 - Update to NSS 3.22.3 * Increase compatibility of TLS extended master secret, don't send an empty TLS extension last in the handshake (bmo#1243641) * Fixed a heap-based buffer overflow related to the parsing of certain ASN.1 structures. An attacker could create a specially-crafted certificate which, when parsed by NSS, would cause a crash or execution of arbitrary code with the permissions of the user. (CVE-2016-1950, bmo#1245528) - Update to NSS 3.22.2 New functionality: * RSA-PSS signatures are now supported (bmo#1215295) * Pseudorandom functions based on hashes other than SHA-1 are now supported * Enforce an External Policy on NSS from a config file (bmo#1009429) - CVE-2016-8635: Fix for DH small subgroup confinement attack (bsc#1015547) Mozilla NSPR was updated to version 4.13.1: The previously released version 4.13 had changed pipes to be nonblocking by default, and as a consequence, PollEvent was changed to not block on clear. The NSPR development team received reports that these changes caused regressions in some applications that use NSPR, and it has been decided to revert the changes made in NSPR 4.13. NSPR 4.13.1 restores the traditional behavior of pipes and PollEvent. Mozilla NSPR update to version 4.13 had these changes: - PL_strcmp (and others) were fixed to return consistent results when one of the arguments is NULL. - PollEvent was fixed to not block on clear. - Pipes are always nonblocking. - PR_GetNameForIdentity: added thread safety lock and bound checks. - Removed the PLArena freelist. - Avoid some integer overflows. - fixed several comments. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-MozillaFirefox-13090=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-MozillaFirefox-13090=1 - SUSE Manager 2.1: zypper in -t patch sleman21-MozillaFirefox-13090=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-MozillaFirefox-13090=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-MozillaFirefox-13090=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-MozillaFirefox-13090=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-MozillaFirefox-13090=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-MozillaFirefox-13090=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-MozillaFirefox-13090=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): MozillaFirefox-45.9.0esr-71.2 MozillaFirefox-translations-45.9.0esr-71.2 libfreebl3-3.29.5-46.1 libfreebl3-32bit-3.29.5-46.1 libsoftokn3-3.29.5-46.1 libsoftokn3-32bit-3.29.5-46.1 mozilla-nspr-32bit-4.13.1-32.1 mozilla-nspr-4.13.1-32.1 mozilla-nss-3.29.5-46.1 mozilla-nss-32bit-3.29.5-46.1 mozilla-nss-tools-3.29.5-46.1 - SUSE Manager Proxy 2.1 (x86_64): MozillaFirefox-45.9.0esr-71.2 MozillaFirefox-translations-45.9.0esr-71.2 libfreebl3-3.29.5-46.1 libfreebl3-32bit-3.29.5-46.1 libsoftokn3-3.29.5-46.1 libsoftokn3-32bit-3.29.5-46.1 mozilla-nspr-32bit-4.13.1-32.1 mozilla-nspr-4.13.1-32.1 mozilla-nss-3.29.5-46.1 mozilla-nss-32bit-3.29.5-46.1 mozilla-nss-tools-3.29.5-46.1 - SUSE Manager 2.1 (s390x x86_64): MozillaFirefox-45.9.0esr-71.2 MozillaFirefox-translations-45.9.0esr-71.2 libfreebl3-3.29.5-46.1 libfreebl3-32bit-3.29.5-46.1 libsoftokn3-3.29.5-46.1 libsoftokn3-32bit-3.29.5-46.1 mozilla-nspr-32bit-4.13.1-32.1 mozilla-nspr-4.13.1-32.1 mozilla-nss-3.29.5-46.1 mozilla-nss-32bit-3.29.5-46.1 mozilla-nss-tools-3.29.5-46.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-devel-45.9.0esr-71.2 mozilla-nspr-devel-4.13.1-32.1 mozilla-nss-devel-3.29.5-46.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-45.9.0esr-71.2 MozillaFirefox-translations-45.9.0esr-71.2 libfreebl3-3.29.5-46.1 libsoftokn3-3.29.5-46.1 mozilla-nspr-4.13.1-32.1 mozilla-nss-3.29.5-46.1 mozilla-nss-tools-3.29.5-46.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libfreebl3-32bit-3.29.5-46.1 libsoftokn3-32bit-3.29.5-46.1 mozilla-nspr-32bit-4.13.1-32.1 mozilla-nss-32bit-3.29.5-46.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libfreebl3-x86-3.29.5-46.1 libsoftokn3-x86-3.29.5-46.1 mozilla-nspr-x86-4.13.1-32.1 mozilla-nss-x86-3.29.5-46.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): MozillaFirefox-45.9.0esr-71.2 MozillaFirefox-translations-45.9.0esr-71.2 libfreebl3-3.29.5-46.1 libsoftokn3-3.29.5-46.1 mozilla-nspr-4.13.1-32.1 mozilla-nss-3.29.5-46.1 mozilla-nss-tools-3.29.5-46.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x x86_64): libfreebl3-32bit-3.29.5-46.1 libsoftokn3-32bit-3.29.5-46.1 mozilla-nspr-32bit-4.13.1-32.1 mozilla-nss-32bit-3.29.5-46.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): MozillaFirefox-45.9.0esr-71.2 MozillaFirefox-translations-45.9.0esr-71.2 libfreebl3-3.29.5-46.1 libsoftokn3-3.29.5-46.1 mozilla-nspr-4.13.1-32.1 mozilla-nss-3.29.5-46.1 mozilla-nss-tools-3.29.5-46.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-debuginfo-45.9.0esr-71.2 MozillaFirefox-debugsource-45.9.0esr-71.2 mozilla-nspr-debuginfo-4.13.1-32.1 mozilla-nspr-debugsource-4.13.1-32.1 mozilla-nss-debuginfo-3.29.5-46.1 mozilla-nss-debugsource-3.29.5-46.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): mozilla-nspr-debuginfo-32bit-4.13.1-32.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): mozilla-nspr-debuginfo-x86-4.13.1-32.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): MozillaFirefox-debuginfo-45.9.0esr-71.2 MozillaFirefox-debugsource-45.9.0esr-71.2 mozilla-nspr-debuginfo-4.13.1-32.1 mozilla-nspr-debugsource-4.13.1-32.1 mozilla-nss-debuginfo-3.29.5-46.1 mozilla-nss-debugsource-3.29.5-46.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (s390x x86_64): mozilla-nspr-debuginfo-32bit-4.13.1-32.1 References: https://www.suse.com/security/cve/CVE-2016-1950.html https://www.suse.com/security/cve/CVE-2016-2834.html https://www.suse.com/security/cve/CVE-2016-8635.html https://www.suse.com/security/cve/CVE-2016-9574.html https://www.suse.com/security/cve/CVE-2017-5429.html https://www.suse.com/security/cve/CVE-2017-5432.html https://www.suse.com/security/cve/CVE-2017-5433.html https://www.suse.com/security/cve/CVE-2017-5434.html https://www.suse.com/security/cve/CVE-2017-5435.html https://www.suse.com/security/cve/CVE-2017-5436.html https://www.suse.com/security/cve/CVE-2017-5437.html https://www.suse.com/security/cve/CVE-2017-5438.html https://www.suse.com/security/cve/CVE-2017-5439.html https://www.suse.com/security/cve/CVE-2017-5440.html https://www.suse.com/security/cve/CVE-2017-5441.html https://www.suse.com/security/cve/CVE-2017-5442.html https://www.suse.com/security/cve/CVE-2017-5443.html https://www.suse.com/security/cve/CVE-2017-5444.html https://www.suse.com/security/cve/CVE-2017-5445.html https://www.suse.com/security/cve/CVE-2017-5446.html https://www.suse.com/security/cve/CVE-2017-5447.html https://www.suse.com/security/cve/CVE-2017-5448.html https://www.suse.com/security/cve/CVE-2017-5459.html https://www.suse.com/security/cve/CVE-2017-5460.html https://www.suse.com/security/cve/CVE-2017-5461.html https://www.suse.com/security/cve/CVE-2017-5462.html https://www.suse.com/security/cve/CVE-2017-5464.html https://www.suse.com/security/cve/CVE-2017-5465.html https://www.suse.com/security/cve/CVE-2017-5469.html https://bugzilla.suse.com/1015499 https://bugzilla.suse.com/1015547 https://bugzilla.suse.com/1021636 https://bugzilla.suse.com/1030071 https://bugzilla.suse.com/1035082 https://bugzilla.suse.com/983639 From sle-security-updates at lists.suse.com Fri May 5 07:09:16 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 5 May 2017 15:09:16 +0200 (CEST) Subject: SUSE-SU-2017:1182-1: moderate: Security update for audiofile Message-ID: <20170505130916.B9F19101C3@maintenance.suse.de> SUSE Security Update: Security update for audiofile ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1182-1 Rating: moderate References: #1026978 #1026979 #1026980 #1026981 #1026982 #1026983 #1026984 #1026985 #1026986 #1026987 #1026988 Cross-References: CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830 CVE-2017-6831 CVE-2017-6832 CVE-2017-6833 CVE-2017-6834 CVE-2017-6835 CVE-2017-6836 CVE-2017-6837 CVE-2017-6838 CVE-2017-6839 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: This update for audiofile fixes the following issues: Security issues fixed: - CVE-2017-6827: heap-based buffer overflow in MSADPCM::initializeCoefficients (MSADPCM.cpp) (bsc#1026979) - CVE-2017-6828: heap-based buffer overflow in readValue (FileHandle.cpp) (bsc#1026980) - CVE-2017-6829: global buffer overflow in decodeSample (IMA.cpp) (bsc#1026981) - CVE-2017-6830: heap-based buffer overflow in alaw2linear_buf (G711.cpp) (bsc#1026982) - CVE-2017-6831: heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp) (bsc#1026983) - CVE-2017-6832: heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp) (bsc#1026984) - CVE-2017-6833: divide-by-zero in BlockCodec::runPull (BlockCodec.cpp) (bsc#1026985) - CVE-2017-6834: heap-based buffer overflow in ulaw2linear_buf (G711.cpp) (bsc#1026986) - CVE-2017-6835: divide-by-zero in BlockCodec::reset1 (BlockCodec.cpp) (bsc#1026988) - CVE-2017-6836: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h) (bsc#1026987) - CVE-2017-6837, CVE-2017-6838, CVE-2017-6839: multiple ubsan crashes (bsc#1026978) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-audiofile-13093=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-audiofile-13093=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-audiofile-13093=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): audiofile-devel-0.2.6-142.17.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): audiofile-0.2.6-142.17.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): audiofile-32bit-0.2.6-142.17.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): audiofile-x86-0.2.6-142.17.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): audiofile-debuginfo-0.2.6-142.17.1 audiofile-debugsource-0.2.6-142.17.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): audiofile-debuginfo-32bit-0.2.6-142.17.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): audiofile-debuginfo-x86-0.2.6-142.17.1 References: https://www.suse.com/security/cve/CVE-2017-6827.html https://www.suse.com/security/cve/CVE-2017-6828.html https://www.suse.com/security/cve/CVE-2017-6829.html https://www.suse.com/security/cve/CVE-2017-6830.html https://www.suse.com/security/cve/CVE-2017-6831.html https://www.suse.com/security/cve/CVE-2017-6832.html https://www.suse.com/security/cve/CVE-2017-6833.html https://www.suse.com/security/cve/CVE-2017-6834.html https://www.suse.com/security/cve/CVE-2017-6835.html https://www.suse.com/security/cve/CVE-2017-6836.html https://www.suse.com/security/cve/CVE-2017-6837.html https://www.suse.com/security/cve/CVE-2017-6838.html https://www.suse.com/security/cve/CVE-2017-6839.html https://bugzilla.suse.com/1026978 https://bugzilla.suse.com/1026979 https://bugzilla.suse.com/1026980 https://bugzilla.suse.com/1026981 https://bugzilla.suse.com/1026982 https://bugzilla.suse.com/1026983 https://bugzilla.suse.com/1026984 https://bugzilla.suse.com/1026985 https://bugzilla.suse.com/1026986 https://bugzilla.suse.com/1026987 https://bugzilla.suse.com/1026988 From sle-security-updates at lists.suse.com Fri May 5 07:11:30 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 5 May 2017 15:11:30 +0200 (CEST) Subject: SUSE-SU-2017:1183-1: important: Security update for the Linux Kernel Message-ID: <20170505131130.396D4101C3@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1183-1 Rating: important References: #1007959 #1007962 #1008842 #1010032 #1011913 #1012382 #1012910 #1013994 #1014136 #1015609 #1017461 #1017641 #1018263 #1018419 #1019163 #1019614 #1019618 #1020048 #1021762 #1022340 #1022785 #1023866 #1024015 #1025683 #1026024 #1026405 #1026462 #1026505 #1026509 #1026692 #1026722 #1027054 #1027066 #1027153 #1027179 #1027189 #1027190 #1027195 #1027273 #1027616 #1028017 #1028027 #1028041 #1028158 #1028217 #1028325 #1028415 #1028819 #1028895 #1029220 #1029514 #1029634 #1029986 #1030118 #1030213 #1031003 #1031052 #1031200 #1031206 #1031208 #1031440 #1031481 #1031579 #1031660 #1031662 #1031717 #1031831 #1032006 #1032673 #1032681 #897662 #951844 #968697 #969755 #970083 #977572 #977860 #978056 #980892 #981634 #982783 #987899 #988281 #991173 #998106 Cross-References: CVE-2016-10200 CVE-2016-2117 CVE-2016-9191 CVE-2017-2596 CVE-2017-2671 CVE-2017-6074 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6347 CVE-2017-6353 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7374 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise High Availability 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves 16 vulnerabilities and has 69 fixes is now available. Description: The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.58 to receive various security and bugfixes. Notable new/improved features: - Improved support for Hyper-V - Support for Matrox G200eH3 - Support for tcp_westwood The following security bugs were fixed: - CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003). - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440). - CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052). - CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213). - CVE-2017-7374: Use-after-free vulnerability in fs/crypto/ in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely (bnc#1032006). - CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415). - CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190). - CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189). - CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066). - CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722). - CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enables scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697). - CVE-2017-6347: The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel had incorrect expectations about skb data layout, which allowed local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission (bnc#1027179). - CVE-2016-9191: The cgroup offline implementation in the Linux kernel mishandled certain drain operations, which allowed local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application (bnc#1008842). - CVE-2017-2596: The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel improperly emulated the VMXON instruction, which allowed KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references (bnc#1022785). - CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024). The following non-security bugs were fixed: - ACPI, ioapic: Clear on-stack resource before using it (bsc#1028819). - ACPI: Do not create a platform_device for IOAPIC/IOxAPIC (bsc#1028819). - ACPI: Remove platform devices from a bus on removal (bsc#1028819). - HID: usbhid: Quirk a AMI virtual mouse and keyboard with ALWAYS_POLL (bsc#1022340). - NFS: do not try to cross a mountpount when there isn't one there (bsc#1028041). - NFS: flush out dirty data on file fput() (bsc#1021762). - PCI: hv: Fix wslot_to_devfn() to fix warnings on device removal (bug#1028217). - PCI: hv: Use device serial number as PCI domain (bug#1028217). - RAID1: a new I/O barrier implementation to remove resync window (bsc#998106,bsc#1020048,bsc#982783). - RAID1: avoid unnecessary spin locks in I/O barrier code (bsc#998106,bsc#1020048,bsc#982783). - Revert "RDMA/core: Fix incorrect structure packing for booleans" (kabi). - Revert "give up on gcc ilog2() constant optimizations" (kabi). - Revert "net/mlx4_en: Avoid unregister_netdev at shutdown flow" (bsc#1028017). - Revert "net: introduce device min_header_len" (kabi). - Revert "nfit, libnvdimm: fix interleave set cookie calculation" (kabi). - Revert "target: Fix NULL dereference during LUN lookup + active I/O shutdown" (kabi). - acpi, nfit: fix acpi_nfit_flush_probe() crash (bsc#1031717). - acpi, nfit: fix extended status translations for ACPI DSMs (bsc#1031717). - arm64: Use full path in KBUILD_IMAGE definition (bsc#1010032). - arm64: hugetlb: fix the wrong address for several functions (bsc#1032681). - arm64: hugetlb: fix the wrong return value for huge_ptep_set_access_flags (bsc#1032681). - arm64: hugetlb: remove the wrong pmd check in find_num_contig() (bsc#1032681). - arm: Use full path in KBUILD_IMAGE definition (bsc#1010032). - bnx2x: allow adding VLANs while interface is down (bsc#1027273). - bonding: fix 802.3ad aggregator reselection (bsc#1029514). - btrfs: Change qgroup_meta_rsv to 64bit (bsc#1019614). - btrfs: allow unlink to exceed subvolume quota (bsc#1019614). - btrfs: backref: Fix soft lockup in __merge_refs function (bsc#1017641). - btrfs: incremental send, do not delay rename when parent inode is new (bsc#1028325). - btrfs: incremental send, do not issue invalid rmdir operations (bsc#1028325). - btrfs: qgroup: Move half of the qgroup accounting time out of commit trans (bsc#1017461). - btrfs: qgroups: Retry after commit on getting EDQUOT (bsc#1019614). - btrfs: send, fix failure to rename top level inode due to name collision (bsc#1028325). - btrfs: serialize subvolume mounts with potentially mismatching rw flags (bsc#951844 bsc#1024015) - cgroup/pids: remove spurious suspicious RCU usage warning (bnc#1031831). - crypto: algif_hash - avoid zero-sized array (bnc#1007962). - cxgb4vf: do not offload Rx checksums for IPv6 fragments (bsc#1026692). - device-dax: fix private mapping restriction, permit read-only (bsc#1031717). - drm/i915: Add intel_uncore_suspend / resume functions (bsc#1011913). - drm/i915: Fix crash after S3 resume with DP MST mode change (bsc#1029634). - drm/i915: Listen for PMIC bus access notifications (bsc#1011913). - drm/i915: Only enable hotplug interrupts if the display interrupts are enabled (bsc#1031717). - drm/mgag200: Added support for the new device G200eH3 (bsc#1007959) - ext4: fix fencepost in s_first_meta_bg validation (bsc#1029986). - futex: Add missing error handling to FUTEX_REQUEUE_PI (bsc#969755). - futex: Fix potential use-after-free in FUTEX_REQUEUE_PI (bsc#969755). - hv: export current Hyper-V clocksource (bsc#1031206). - hv: util: do not forget to init host_ts.lock (bsc#1031206). - hv: vmbus: Prevent sending data on a rescinded channel (bug#1028217). - hv_utils: implement Hyper-V PTP source (bsc#1031206). - i2c-designware: increase timeout (bsc#1011913). - i2c: designware-baytrail: Acquire P-Unit access on bus acquire (bsc#1011913). - i2c: designware-baytrail: Call pmic_bus_access_notifier_chain (bsc#1011913). - i2c: designware-baytrail: Fix race when resetting the semaphore (bsc#1011913). - i2c: designware-baytrail: Only check iosf_mbi_available() for shared hosts (bsc#1011913). - i2c: designware: Disable pm for PMIC i2c-bus even if there is no _SEM method (bsc#1011913). - i2c: designware: Never suspend i2c-busses used for accessing the system PMIC (bsc#1011913). - i2c: designware: Rename accessor_flags to flags (bsc#1011913). - iommu/vt-d: Make sure IOMMUs are off when intel_iommu=off (bsc#1031208). - kABI: protect struct iscsi_conn (kabi). - kABI: protect struct se_node_acl (kabi). - kABI: restore can_rx_register parameters (kabi). - kgr/module: make a taint flag module-specific - kgr: Mark eeh_event_handler() kthread safe using a timeout (bsc#1031662). - kgr: remove all arch-specific kgraft header files - l2tp: fix address test in __l2tp_ip6_bind_lookup() (bsc#1028415). - l2tp: fix lookup for sockets not bound to a device in l2tp_ip (bsc#1028415). - l2tp: fix racy socket lookup in l2tp_ip and l2tp_ip6 bind() (bsc#1028415). - l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv() (bsc#1028415). - l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6 (bsc#1028415). - l2tp: lock socket before checking flags in connect() (bsc#1028415). - libnvdimm, pfn: fix memmap reservation size versus 4K alignment (bsc#1031717). - locking/semaphore: Add down_interruptible_timeout() (bsc#1031662). - md/raid1: Refactor raid1_make_request (bsc#998106,bsc#1020048,bsc#982783). - md/raid1: add rcu protection to rdev in fix_read_error (References: bsc#998106,bsc#1020048,bsc#982783). - md/raid1: fix a use-after-free bug (bsc#998106,bsc#1020048,bsc#982783). - md/raid1: handle flush request correctly (bsc#998106,bsc#1020048,bsc#982783). - mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp (bnc#1030118). - mm/memblock.c: fix memblock_next_valid_pfn() (bnc#1031200). - mm/page_alloc: Remove useless parameter of __free_pages_boot_core (bnc#1027195). - mm: fix set pageblock migratetype in deferred struct page init (bnc#1027195). - mm: page_alloc: skip over regions of invalid pfns where possible (bnc#1031200). - module: move add_taint_module() to a header file - net/ena: change condition for host attribute configuration (bsc#1026509). - net/ena: change driver's default timeouts (bsc#1026509). - net/ena: fix NULL dereference when removing the driver after device reset failed (bsc#1026509). - net/ena: fix RSS default hash configuration (bsc#1026509). - net/ena: fix ethtool RSS flow configuration (bsc#1026509). - net/ena: fix potential access to freed memory during device reset (bsc#1026509). - net/ena: fix queues number calculation (bsc#1026509). - net/ena: reduce the severity of ena printouts (bsc#1026509). - net/ena: refactor ena_get_stats64 to be atomic context safe (bsc#1026509). - net/ena: remove ntuple filter support from device feature list (bsc#1026509). - net/ena: update driver version to 1.1.2 (bsc#1026509). - net/ena: use READ_ONCE to access completion descriptors (bsc#1026509). - net/mlx4_core: Avoid command timeouts during VF driver device shutdown (bsc#1028017). - net/mlx4_core: Avoid delays during VF driver device shutdown (bsc#1028017). - net/mlx4_core: Fix racy CQ (Completion Queue) free (bsc#1028017). - net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions (bsc#1028017). - net/mlx4_core: Use cq quota in SRIOV when creating completion EQs (bsc#1028017). - net/mlx4_en: Fix bad WQE issue (bsc#1028017). - net: ena: Fix error return code in ena_device_init() (bsc#1026509). - net: ena: Remove unnecessary pci_set_drvdata() (bsc#1026509). - net: ena: change the return type of ena_set_push_mode() to be void (bsc#1026509). - net: ena: remove superfluous check in ena_remove() (bsc#1026509). - net: ena: use setup_timer() and mod_timer() (bsc#1026509). - netfilter: allow logging from non-init namespaces (bsc#970083). - nvme: Do not suspend admin queue that wasn't created (bsc#1026505). - nvme: Suspend all queues before deletion (bsc#1026505). - ping: implement proper locking (bsc#1031003). - powerpc: Blacklist GCC 5.4 6.1 and 6.2 (boo#1028895). - rtlwifi: rtl_usb: Fix missing entry in USB driver's private data (bsc#1026462). - s390/kmsg: add missing kmsg descriptions (bnc#1025683). - s390/mm: fix zone calculation in arch_add_memory() (bnc#1025683). - sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting (bsc#1018419). - scsi: do not print 'reservation conflict' for TEST UNIT READY (bsc#1027054). - scsi_dh_alua: Do not modify the interval value for retries (bsc#1012910). - softirq: Let ksoftirqd do its job (bsc#1019618). - x86, mm: fix gup_pte_range() vs DAX mappings (bsc#1026405). - x86/apic/uv: Silence a shift wrapping warning (bsc#1023866). - x86/ioapic: Change prototype of acpi_ioapic_add() (bsc#1027153, bsc#1027616). - x86/ioapic: Fix IOAPIC failing to request resource (bsc#1027153, bsc#1027616). - x86/ioapic: Fix incorrect pointers in ioapic_setup_resources() (bsc#1027153, bsc#1027616). - x86/ioapic: Fix lost IOAPIC resource after hot-removal and hotadd (bsc#1027153, bsc#1027616). - x86/ioapic: Fix setup_res() failing to get resource (bsc#1027153, bsc#1027616). - x86/ioapic: Ignore root bridges without a companion ACPI device (bsc#1027153, bsc#1027616). - x86/ioapic: Simplify ioapic_setup_resources() (bsc#1027153, bsc#1027616). - x86/ioapic: Support hot-removal of IOAPICs present during boot (bsc#1027153, bsc#1027616). - x86/ioapic: fix kABI (hide added include) (bsc#1027153, bsc#1027616). - x86/mce: Do not print MCEs when mcelog is active (bsc#1013994). - x86/mce: Fix copy/paste error in exception table entries - x86/mm/gup: Simplify get_user_pages() PTE bit handling (bsc#1026405). - x86/platform/UV: Add Support for UV4 Hubless NMIs (bsc#1023866). - x86/platform/UV: Add Support for UV4 Hubless systems (bsc#1023866). - x86/platform/UV: Add basic CPU NMI health check (bsc#1023866). - x86/platform/UV: Clean up the NMI code to match current coding style (bsc#1023866). - x86/platform/UV: Clean up the UV APIC code (bsc#1023866). - x86/platform/UV: Ensure uv_system_init is called when necessary (bsc#1023866). - x86/platform/UV: Fix 2 socket config problem (bsc#1023866). - x86/platform/UV: Fix panic with missing UVsystab support (bsc#1023866). - x86/platform/UV: Initialize PCH GPP_D_0 NMI Pin to be NMI source (bsc#1023866). - x86/platform/UV: Verify NMI action is valid, default is standard (bsc#1023866). - x86/platform/intel/iosf_mbi: Add a PMIC bus access notifier (bsc#1011913). - x86/platform/intel/iosf_mbi: Add a mutex for P-Unit access (bsc#1011913). - x86/platform: Remove warning message for duplicate NMI handlers (bsc#1029220). - x86/ras/therm_throt: Do not log a fake MCE for thermal events (bsc#1028027). - xen-blkfront: correct maximum segment accounting (bsc#1018263). - xen-blkfront: do not call talk_to_blkback when already connected to blkback. - xen-blkfront: free resources if xlvbd_alloc_gendisk fails. - xen/blkfront: Fix crash if backend does not follow the right states. - xen/netback: set default upper limit of tx/rx queues to 8 (bnc#1019163). - xen/netfront: set default upper limit of tx/rx queues to 8 (bnc#1019163). - xen: Use machine addresses in /sys/kernel/vmcoreinfo when PV (bsc#1014136) - xfs: do not take the IOLOCK exclusive for direct I/O page invalidation (bsc#1015609). - xgene_enet: remove bogus forward declarations (bsc#1032673). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-697=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-697=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-697=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-697=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-697=1 - SUSE Linux Enterprise High Availability 12-SP2: zypper in -t patch SUSE-SLE-HA-12-SP2-2017-697=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-697=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-697=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): kernel-default-debuginfo-4.4.59-92.17.3 kernel-default-debugsource-4.4.59-92.17.3 kernel-default-extra-4.4.59-92.17.3 kernel-default-extra-debuginfo-4.4.59-92.17.3 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): kernel-obs-build-4.4.59-92.17.3 kernel-obs-build-debugsource-4.4.59-92.17.3 - SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch): kernel-docs-4.4.59-92.17.8 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): kernel-default-4.4.59-92.17.3 kernel-default-base-4.4.59-92.17.3 kernel-default-base-debuginfo-4.4.59-92.17.3 kernel-default-debuginfo-4.4.59-92.17.3 kernel-default-debugsource-4.4.59-92.17.3 kernel-default-devel-4.4.59-92.17.3 kernel-syms-4.4.59-92.17.2 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): kernel-devel-4.4.59-92.17.2 kernel-macros-4.4.59-92.17.2 kernel-source-4.4.59-92.17.2 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): kernel-default-4.4.59-92.17.3 kernel-default-base-4.4.59-92.17.3 kernel-default-base-debuginfo-4.4.59-92.17.3 kernel-default-debuginfo-4.4.59-92.17.3 kernel-default-debugsource-4.4.59-92.17.3 kernel-default-devel-4.4.59-92.17.3 kernel-syms-4.4.59-92.17.2 - SUSE Linux Enterprise Server 12-SP2 (noarch): kernel-devel-4.4.59-92.17.2 kernel-macros-4.4.59-92.17.2 kernel-source-4.4.59-92.17.2 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_59-92_17-default-1-2.3 - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64): cluster-md-kmp-default-4.4.59-92.17.3 cluster-md-kmp-default-debuginfo-4.4.59-92.17.3 cluster-network-kmp-default-4.4.59-92.17.3 cluster-network-kmp-default-debuginfo-4.4.59-92.17.3 dlm-kmp-default-4.4.59-92.17.3 dlm-kmp-default-debuginfo-4.4.59-92.17.3 gfs2-kmp-default-4.4.59-92.17.3 gfs2-kmp-default-debuginfo-4.4.59-92.17.3 kernel-default-debuginfo-4.4.59-92.17.3 kernel-default-debugsource-4.4.59-92.17.3 ocfs2-kmp-default-4.4.59-92.17.3 ocfs2-kmp-default-debuginfo-4.4.59-92.17.3 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): kernel-devel-4.4.59-92.17.2 kernel-macros-4.4.59-92.17.2 kernel-source-4.4.59-92.17.2 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): kernel-default-4.4.59-92.17.3 kernel-default-debuginfo-4.4.59-92.17.3 kernel-default-debugsource-4.4.59-92.17.3 kernel-default-devel-4.4.59-92.17.3 kernel-default-extra-4.4.59-92.17.3 kernel-default-extra-debuginfo-4.4.59-92.17.3 kernel-syms-4.4.59-92.17.2 - OpenStack Cloud Magnum Orchestration 7 (x86_64): kernel-default-4.4.59-92.17.3 kernel-default-debuginfo-4.4.59-92.17.3 kernel-default-debugsource-4.4.59-92.17.3 References: https://www.suse.com/security/cve/CVE-2016-10200.html https://www.suse.com/security/cve/CVE-2016-2117.html https://www.suse.com/security/cve/CVE-2016-9191.html https://www.suse.com/security/cve/CVE-2017-2596.html https://www.suse.com/security/cve/CVE-2017-2671.html https://www.suse.com/security/cve/CVE-2017-6074.html https://www.suse.com/security/cve/CVE-2017-6214.html https://www.suse.com/security/cve/CVE-2017-6345.html https://www.suse.com/security/cve/CVE-2017-6346.html https://www.suse.com/security/cve/CVE-2017-6347.html https://www.suse.com/security/cve/CVE-2017-6353.html https://www.suse.com/security/cve/CVE-2017-7187.html https://www.suse.com/security/cve/CVE-2017-7261.html https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://www.suse.com/security/cve/CVE-2017-7374.html https://bugzilla.suse.com/1007959 https://bugzilla.suse.com/1007962 https://bugzilla.suse.com/1008842 https://bugzilla.suse.com/1010032 https://bugzilla.suse.com/1011913 https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1012910 https://bugzilla.suse.com/1013994 https://bugzilla.suse.com/1014136 https://bugzilla.suse.com/1015609 https://bugzilla.suse.com/1017461 https://bugzilla.suse.com/1017641 https://bugzilla.suse.com/1018263 https://bugzilla.suse.com/1018419 https://bugzilla.suse.com/1019163 https://bugzilla.suse.com/1019614 https://bugzilla.suse.com/1019618 https://bugzilla.suse.com/1020048 https://bugzilla.suse.com/1021762 https://bugzilla.suse.com/1022340 https://bugzilla.suse.com/1022785 https://bugzilla.suse.com/1023866 https://bugzilla.suse.com/1024015 https://bugzilla.suse.com/1025683 https://bugzilla.suse.com/1026024 https://bugzilla.suse.com/1026405 https://bugzilla.suse.com/1026462 https://bugzilla.suse.com/1026505 https://bugzilla.suse.com/1026509 https://bugzilla.suse.com/1026692 https://bugzilla.suse.com/1026722 https://bugzilla.suse.com/1027054 https://bugzilla.suse.com/1027066 https://bugzilla.suse.com/1027153 https://bugzilla.suse.com/1027179 https://bugzilla.suse.com/1027189 https://bugzilla.suse.com/1027190 https://bugzilla.suse.com/1027195 https://bugzilla.suse.com/1027273 https://bugzilla.suse.com/1027616 https://bugzilla.suse.com/1028017 https://bugzilla.suse.com/1028027 https://bugzilla.suse.com/1028041 https://bugzilla.suse.com/1028158 https://bugzilla.suse.com/1028217 https://bugzilla.suse.com/1028325 https://bugzilla.suse.com/1028415 https://bugzilla.suse.com/1028819 https://bugzilla.suse.com/1028895 https://bugzilla.suse.com/1029220 https://bugzilla.suse.com/1029514 https://bugzilla.suse.com/1029634 https://bugzilla.suse.com/1029986 https://bugzilla.suse.com/1030118 https://bugzilla.suse.com/1030213 https://bugzilla.suse.com/1031003 https://bugzilla.suse.com/1031052 https://bugzilla.suse.com/1031200 https://bugzilla.suse.com/1031206 https://bugzilla.suse.com/1031208 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031579 https://bugzilla.suse.com/1031660 https://bugzilla.suse.com/1031662 https://bugzilla.suse.com/1031717 https://bugzilla.suse.com/1031831 https://bugzilla.suse.com/1032006 https://bugzilla.suse.com/1032673 https://bugzilla.suse.com/1032681 https://bugzilla.suse.com/897662 https://bugzilla.suse.com/951844 https://bugzilla.suse.com/968697 https://bugzilla.suse.com/969755 https://bugzilla.suse.com/970083 https://bugzilla.suse.com/977572 https://bugzilla.suse.com/977860 https://bugzilla.suse.com/978056 https://bugzilla.suse.com/980892 https://bugzilla.suse.com/981634 https://bugzilla.suse.com/982783 https://bugzilla.suse.com/987899 https://bugzilla.suse.com/988281 https://bugzilla.suse.com/991173 https://bugzilla.suse.com/998106 From sle-security-updates at lists.suse.com Fri May 5 22:09:43 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Sat, 6 May 2017 06:09:43 +0200 (CEST) Subject: SUSE-SU-2017:1187-1: moderate: Security update for libosip2 Message-ID: <20170506040943.E16B4101C0@maintenance.suse.de> SUSE Security Update: Security update for libosip2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1187-1 Rating: moderate References: #1034570 #1034571 #1034572 #1034574 Cross-References: CVE-2016-10324 CVE-2016-10325 CVE-2016-10326 CVE-2017-7853 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for libosip2 fixes several issues. These security issues were fixed: - CVE-2017-7853: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS (bsc#1034570). - CVE-2016-10326: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS (bsc#1034571). - CVE-2016-10325: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS (bsc#1034572). - CVE-2016-10324: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c (bsc#1034574). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-704=1 - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-704=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-704=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-704=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-704=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-704=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): libosip2-3.5.0-20.1 libosip2-debuginfo-3.5.0-20.1 libosip2-debugsource-3.5.0-20.1 - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): libosip2-3.5.0-20.1 libosip2-debuginfo-3.5.0-20.1 libosip2-debugsource-3.5.0-20.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libosip2-3.5.0-20.1 libosip2-debuginfo-3.5.0-20.1 libosip2-debugsource-3.5.0-20.1 libosip2-devel-3.5.0-20.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libosip2-3.5.0-20.1 libosip2-debuginfo-3.5.0-20.1 libosip2-debugsource-3.5.0-20.1 libosip2-devel-3.5.0-20.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libosip2-3.5.0-20.1 libosip2-debuginfo-3.5.0-20.1 libosip2-debugsource-3.5.0-20.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libosip2-3.5.0-20.1 libosip2-debuginfo-3.5.0-20.1 libosip2-debugsource-3.5.0-20.1 References: https://www.suse.com/security/cve/CVE-2016-10324.html https://www.suse.com/security/cve/CVE-2016-10325.html https://www.suse.com/security/cve/CVE-2016-10326.html https://www.suse.com/security/cve/CVE-2017-7853.html https://bugzilla.suse.com/1034570 https://bugzilla.suse.com/1034571 https://bugzilla.suse.com/1034572 https://bugzilla.suse.com/1034574 From sle-security-updates at lists.suse.com Fri May 5 22:10:44 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Sat, 6 May 2017 06:10:44 +0200 (CEST) Subject: SUSE-SU-2017:1188-1: moderate: Security update for libosip2 Message-ID: <20170506041044.79122101C1@maintenance.suse.de> SUSE Security Update: Security update for libosip2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1188-1 Rating: moderate References: #1034570 #1034571 #1034572 #1034574 Cross-References: CVE-2016-10324 CVE-2016-10325 CVE-2016-10326 CVE-2017-7853 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for libosip2 fixes several issues. These security issues were fixed: - CVE-2017-7853: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS (bsc#1034570) - CVE-2016-10326: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS (bsc#1034571) - CVE-2016-10325: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS (bsc#1034572) - CVE-2016-10324: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c (bsc#1034574) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libosip2-13095=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libosip2-13095=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libosip2-3.1.0-3.1 libosip2-devel-3.1.0-3.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libosip2-debuginfo-3.1.0-3.1 libosip2-debugsource-3.1.0-3.1 References: https://www.suse.com/security/cve/CVE-2016-10324.html https://www.suse.com/security/cve/CVE-2016-10325.html https://www.suse.com/security/cve/CVE-2016-10326.html https://www.suse.com/security/cve/CVE-2017-7853.html https://bugzilla.suse.com/1034570 https://bugzilla.suse.com/1034571 https://bugzilla.suse.com/1034572 https://bugzilla.suse.com/1034574 From sle-security-updates at lists.suse.com Mon May 8 13:12:01 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 8 May 2017 21:12:01 +0200 (CEST) Subject: SUSE-SU-2017:1216-1: important: Security update for samba Message-ID: <20170508191201.3CBE6101C3@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1216-1 Rating: important References: #1027147 #1036283 Cross-References: CVE-2017-2619 Affected Products: SUSE OpenStack Cloud 5 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for samba fixes the following issues: Security issue fixed: - CVE-2017-2619: symlink race permits opening files outside share directory (bsc#1027147). For SUSE Linux Enterprise 11 SP4 this is a re-issue of the update, a regression in the fix has been addressed (bsc#1036283, bso#12721). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-samba-13096=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-samba-13096=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-samba-13096=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-samba-13096=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-samba-13096=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-samba-13096=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-samba-13096=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): ldapsmb-1.34b-90.1 libldb1-3.6.3-90.1 libsmbclient0-3.6.3-90.1 libsmbclient0-32bit-3.6.3-90.1 libtalloc2-3.6.3-90.1 libtalloc2-32bit-3.6.3-90.1 libtdb1-3.6.3-90.1 libtdb1-32bit-3.6.3-90.1 libtevent0-3.6.3-90.1 libtevent0-32bit-3.6.3-90.1 libwbclient0-3.6.3-90.1 libwbclient0-32bit-3.6.3-90.1 samba-3.6.3-90.1 samba-32bit-3.6.3-90.1 samba-client-3.6.3-90.1 samba-client-32bit-3.6.3-90.1 samba-krb-printing-3.6.3-90.1 samba-winbind-3.6.3-90.1 samba-winbind-32bit-3.6.3-90.1 - SUSE OpenStack Cloud 5 (noarch): samba-doc-3.6.3-90.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-90.1 libnetapi-devel-3.6.3-90.1 libnetapi0-3.6.3-90.1 libsmbclient-devel-3.6.3-90.1 libsmbsharemodes-devel-3.6.3-90.1 libsmbsharemodes0-3.6.3-90.1 libtalloc-devel-3.6.3-90.1 libtdb-devel-3.6.3-90.1 libtevent-devel-3.6.3-90.1 libwbclient-devel-3.6.3-90.1 samba-devel-3.6.3-90.1 samba-test-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-90.1 libldb1-3.6.3-90.1 libsmbclient0-3.6.3-90.1 libtalloc2-3.6.3-90.1 libtdb1-3.6.3-90.1 libtevent0-3.6.3-90.1 libwbclient0-3.6.3-90.1 samba-3.6.3-90.1 samba-client-3.6.3-90.1 samba-krb-printing-3.6.3-90.1 samba-winbind-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-90.1 libtalloc2-32bit-3.6.3-90.1 libtdb1-32bit-3.6.3-90.1 libtevent0-32bit-3.6.3-90.1 libwbclient0-32bit-3.6.3-90.1 samba-32bit-3.6.3-90.1 samba-client-32bit-3.6.3-90.1 samba-winbind-32bit-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): samba-doc-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libsmbclient0-x86-3.6.3-90.1 libtalloc2-x86-3.6.3-90.1 libtdb1-x86-3.6.3-90.1 libtevent0-x86-3.6.3-90.1 libwbclient0-x86-3.6.3-90.1 samba-client-x86-3.6.3-90.1 samba-winbind-x86-3.6.3-90.1 samba-x86-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): ldapsmb-1.34b-90.1 libldb1-3.6.3-90.1 libsmbclient0-3.6.3-90.1 libtalloc2-3.6.3-90.1 libtdb1-3.6.3-90.1 libtevent0-3.6.3-90.1 libwbclient0-3.6.3-90.1 samba-3.6.3-90.1 samba-client-3.6.3-90.1 samba-krb-printing-3.6.3-90.1 samba-winbind-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x x86_64): libsmbclient0-32bit-3.6.3-90.1 libtalloc2-32bit-3.6.3-90.1 libtdb1-32bit-3.6.3-90.1 libtevent0-32bit-3.6.3-90.1 libwbclient0-32bit-3.6.3-90.1 samba-32bit-3.6.3-90.1 samba-client-32bit-3.6.3-90.1 samba-winbind-32bit-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (noarch): samba-doc-3.6.3-90.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (noarch): samba-doc-3.6.3-90.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): ldapsmb-1.34b-90.1 libldb1-3.6.3-90.1 libsmbclient0-3.6.3-90.1 libtalloc2-3.6.3-90.1 libtdb1-3.6.3-90.1 libtevent0-3.6.3-90.1 libwbclient0-3.6.3-90.1 samba-3.6.3-90.1 samba-client-3.6.3-90.1 samba-krb-printing-3.6.3-90.1 samba-winbind-3.6.3-90.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): samba-debuginfo-3.6.3-90.1 samba-debugsource-3.6.3-90.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): samba-debuginfo-32bit-3.6.3-90.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): samba-debuginfo-x86-3.6.3-90.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): samba-debuginfo-3.6.3-90.1 samba-debugsource-3.6.3-90.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (s390x): samba-debuginfo-32bit-3.6.3-90.1 References: https://www.suse.com/security/cve/CVE-2017-2619.html https://bugzilla.suse.com/1027147 https://bugzilla.suse.com/1036283 From sle-security-updates at lists.suse.com Tue May 9 10:10:20 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 9 May 2017 18:10:20 +0200 (CEST) Subject: SUSE-SU-2017:1222-1: moderate: Security update for Botan Message-ID: <20170509161020.11BB8101C1@maintenance.suse.de> SUSE Security Update: Security update for Botan ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1222-1 Rating: moderate References: #1013209 #1033605 #965620 #965621 #968025 #968026 #968030 #974521 #977420 Cross-References: CVE-2014-9742 CVE-2015-5726 CVE-2015-5727 CVE-2015-7827 CVE-2016-2194 CVE-2016-2195 CVE-2016-2849 CVE-2016-9132 CVE-2017-2801 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: This update for Botan to version 1.10.9 fixes the following issues: These security issues were fixed: - CVE-2015-5726: The BER decoder in Botan 0.10.x allowed remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data (bsc#968025). - CVE-2015-5727: The BER decoder in Botan 1.10.x allowed remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field (bsc#968026). - CVE-2015-7827: Botan make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding (bsc#968030). - CVE-2016-2849: Botan do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allowed remote attackers to obtain ECDSA secret keys via a timing side-channel attack (bsc#977420). - CVE-2016-9132: In Botan 1.8.0 when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later caused memory corruption or other failure (bsc#1013209). - CVE-2016-2194: The ressol function in Botan allowed remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus (bsc#965621). - CVE-2016-2195: Integer overflow in the PointGFp constructor in Botan allowed remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow (bsc#965620). - CVE-2017-2801: Incorrect comparison in X.509 DN strings (bsc#1033605). - CVE-2014-9742: The Miller-Rabin primality check in Botan improperly used a single random base, which made it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group (bsc#974521). These non-security issues were fixed: - Fixed EAX tag verification to run in constant time - The default TLS policy now disables SSLv3. - A crash could have occured when reading from a blocking random device if the device initially indicated that entropy was available but a concurrent process drained the entropy pool before the read was initiated. - Fixed decoding indefinite length BER constructs that contain a context sensitive tag of zero. - The key length limit on HMAC has been raised to 512 bytes, allowing the use of very long passphrases with PBKDF2. - OAEP had two bugs, one of which allowed it to be used even if the key was too small, and the other of which would cause a crash during decryption if the EME data was too large for the associated key. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-723=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-723=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): Botan-debugsource-1.10.9-3.1 libbotan-1_10-0-1.10.9-3.1 libbotan-1_10-0-debuginfo-1.10.9-3.1 libbotan-devel-1.10.9-3.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): Botan-debugsource-1.10.9-3.1 libbotan-1_10-0-1.10.9-3.1 libbotan-1_10-0-debuginfo-1.10.9-3.1 libbotan-devel-1.10.9-3.1 References: https://www.suse.com/security/cve/CVE-2014-9742.html https://www.suse.com/security/cve/CVE-2015-5726.html https://www.suse.com/security/cve/CVE-2015-5727.html https://www.suse.com/security/cve/CVE-2015-7827.html https://www.suse.com/security/cve/CVE-2016-2194.html https://www.suse.com/security/cve/CVE-2016-2195.html https://www.suse.com/security/cve/CVE-2016-2849.html https://www.suse.com/security/cve/CVE-2016-9132.html https://www.suse.com/security/cve/CVE-2017-2801.html https://bugzilla.suse.com/1013209 https://bugzilla.suse.com/1033605 https://bugzilla.suse.com/965620 https://bugzilla.suse.com/965621 https://bugzilla.suse.com/968025 https://bugzilla.suse.com/968026 https://bugzilla.suse.com/968030 https://bugzilla.suse.com/974521 https://bugzilla.suse.com/977420 From sle-security-updates at lists.suse.com Wed May 10 10:10:03 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 10 May 2017 18:10:03 +0200 (CEST) Subject: SUSE-SU-2017:1229-1: important: Security update for tomcat Message-ID: <20170510161003.0FCB4101C0@maintenance.suse.de> SUSE Security Update: Security update for tomcat ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1229-1 Rating: important References: #1015119 #1033447 #1033448 Cross-References: CVE-2016-8745 CVE-2017-5647 CVE-2017-5648 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for tomcat fixes the following issues: - CVE-2017-5647 Pipelined requests could lead to information disclosure (bsc#1033448) - CVE-2017-5648 Untrusted application could retain listener leading to information disclosure (bsc#1033447) - CVE-2016-8745 shared Processor on Connector code could lead to information disclosure (bsc#1015119) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-733=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-733=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): tomcat-8.0.43-23.1 tomcat-admin-webapps-8.0.43-23.1 tomcat-docs-webapp-8.0.43-23.1 tomcat-el-3_0-api-8.0.43-23.1 tomcat-javadoc-8.0.43-23.1 tomcat-jsp-2_3-api-8.0.43-23.1 tomcat-lib-8.0.43-23.1 tomcat-servlet-3_1-api-8.0.43-23.1 tomcat-webapps-8.0.43-23.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): tomcat-8.0.43-23.1 tomcat-admin-webapps-8.0.43-23.1 tomcat-docs-webapp-8.0.43-23.1 tomcat-el-3_0-api-8.0.43-23.1 tomcat-javadoc-8.0.43-23.1 tomcat-jsp-2_3-api-8.0.43-23.1 tomcat-lib-8.0.43-23.1 tomcat-servlet-3_1-api-8.0.43-23.1 tomcat-webapps-8.0.43-23.1 References: https://www.suse.com/security/cve/CVE-2016-8745.html https://www.suse.com/security/cve/CVE-2017-5647.html https://www.suse.com/security/cve/CVE-2017-5648.html https://bugzilla.suse.com/1015119 https://bugzilla.suse.com/1033447 https://bugzilla.suse.com/1033448 From sle-security-updates at lists.suse.com Wed May 10 10:11:36 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 10 May 2017 18:11:36 +0200 (CEST) Subject: SUSE-SU-2017:1233-1: moderate: Security update for openstack-magnum Message-ID: <20170510161136.EB329101C1@maintenance.suse.de> SUSE Security Update: Security update for openstack-magnum ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1233-1 Rating: moderate References: #998182 Cross-References: CVE-2016-7404 Affected Products: SUSE OpenStack Cloud 7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for openstack-magnum fixes the following issues: Security issues fixed: - CVE-2016-7404: Magnum created instances have full API access to creating user's OpenStack account (bsc#998182). Bugfixes: - Fixed exception for InvalidParameterValue. - Updated patches have been tested against magnum-3.1.2.dev20 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2017-730=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 7 (noarch): openstack-magnum-3.1.2~a0~dev20-9.4 openstack-magnum-api-3.1.2~a0~dev20-9.4 openstack-magnum-conductor-3.1.2~a0~dev20-9.4 openstack-magnum-doc-3.1.2~a0~dev20-9.3 python-magnum-3.1.2~a0~dev20-9.4 References: https://www.suse.com/security/cve/CVE-2016-7404.html https://bugzilla.suse.com/998182 From sle-security-updates at lists.suse.com Wed May 10 16:09:17 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 11 May 2017 00:09:17 +0200 (CEST) Subject: SUSE-SU-2017:1236-1: moderate: Security update for libsndfile Message-ID: <20170510220917.348E7101C3@maintenance.suse.de> SUSE Security Update: Security update for libsndfile ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1236-1 Rating: moderate References: #1033054 #1033914 #1033915 #1036943 #1036944 #1036945 #1036946 Cross-References: CVE-2017-7585 CVE-2017-7741 CVE-2017-7742 CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for libsndfile fixes the following issues: - CVE-2017-8362: invalid memory read in flac_buffer_copy (flac.c) (bsc#1036943) - CVE-2017-8365: global buffer overflow in i2les_array (pcm.c) (bsc#1036946) - CVE-2017-8361: global buffer overflow in flac_buffer_copy (flac.c) (bsc#1036944) - CVE-2017-8363: heap-based buffer overflow in flac_buffer_copy (flac.c) (bsc#1036945) - CVE-2017-7585: stack-based buffer overflow via a specially crafted FLAC file (bsc#1033054) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libsndfile-13099=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libsndfile-13099=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libsndfile-13099=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsndfile-devel-1.0.20-2.18.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsndfile-1.0.20-2.18.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libsndfile-32bit-1.0.20-2.18.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libsndfile-x86-1.0.20-2.18.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsndfile-debuginfo-1.0.20-2.18.1 libsndfile-debugsource-1.0.20-2.18.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): libsndfile-debuginfo-32bit-1.0.20-2.18.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): libsndfile-debuginfo-x86-1.0.20-2.18.1 References: https://www.suse.com/security/cve/CVE-2017-7585.html https://www.suse.com/security/cve/CVE-2017-7741.html https://www.suse.com/security/cve/CVE-2017-7742.html https://www.suse.com/security/cve/CVE-2017-8361.html https://www.suse.com/security/cve/CVE-2017-8362.html https://www.suse.com/security/cve/CVE-2017-8363.html https://www.suse.com/security/cve/CVE-2017-8365.html https://bugzilla.suse.com/1033054 https://bugzilla.suse.com/1033914 https://bugzilla.suse.com/1033915 https://bugzilla.suse.com/1036943 https://bugzilla.suse.com/1036944 https://bugzilla.suse.com/1036945 https://bugzilla.suse.com/1036946 From sle-security-updates at lists.suse.com Wed May 10 16:11:16 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 11 May 2017 00:11:16 +0200 (CEST) Subject: SUSE-SU-2017:1238-1: important: Security update for flash-player Message-ID: <20170510221116.F3181101C1@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1238-1 Rating: important References: #1038281 Cross-References: CVE-2017-3068 CVE-2017-3069 CVE-2017-3070 CVE-2017-3071 CVE-2017-3072 CVE-2017-3073 CVE-2017-3074 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for flash-player fixes the following issues: - Security update to 25.0.0.171 (bsc#1038281), fixing the following vulnerabilities advised under APSB17-15: * Use-after-free vulnerability that could lead to code execution (CVE-2017-3071). * Memory corruption vulnerabilities that could lead to code execution (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074). * Details: https://helpx.adobe.com/security/products/flash-player/apsb17-15.html Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-738=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-738=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): flash-player-25.0.0.171-168.1 flash-player-gnome-25.0.0.171-168.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): flash-player-25.0.0.171-168.1 flash-player-gnome-25.0.0.171-168.1 References: https://www.suse.com/security/cve/CVE-2017-3068.html https://www.suse.com/security/cve/CVE-2017-3069.html https://www.suse.com/security/cve/CVE-2017-3070.html https://www.suse.com/security/cve/CVE-2017-3071.html https://www.suse.com/security/cve/CVE-2017-3072.html https://www.suse.com/security/cve/CVE-2017-3073.html https://www.suse.com/security/cve/CVE-2017-3074.html https://bugzilla.suse.com/1038281 From sle-security-updates at lists.suse.com Thu May 11 07:09:38 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 11 May 2017 15:09:38 +0200 (CEST) Subject: SUSE-SU-2017:1241-1: important: Security update for qemu Message-ID: <20170511130938.A89C7101C0@maintenance.suse.de> SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1241-1 Rating: important References: #1013285 #1014109 #1014111 #1014702 #1015048 #1015169 #1016779 #1020491 #1020589 #1020928 #1021129 #1022541 #1023004 #1023053 #1023907 #1024972 #937125 Cross-References: CVE-2016-10155 CVE-2016-9776 CVE-2016-9907 CVE-2016-9911 CVE-2016-9921 CVE-2016-9922 CVE-2017-2615 CVE-2017-2620 CVE-2017-5525 CVE-2017-5526 CVE-2017-5667 CVE-2017-5856 CVE-2017-5898 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves 13 vulnerabilities and has four fixes is now available. Description: This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024972) - CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004) - CVE-2017-5856: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a memory leakage issue allowing a privileged user to leak host memory resulting in DoS (bsc#1023053) - CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013285) - CVE-2016-9911: The USB EHCI Emulation support was vulnerable to a memory leakage issue while processing packet data in 'ehci_init_transfer'. A guest user/process could have used this issue to leak host memory, resulting in DoS for the host (bsc#1014111) - CVE-2016-9907: The USB redirector usb-guest support was vulnerable to a memory leakage flaw when destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could have used this issue to leak host memory, resulting in DoS for a host (bsc#1014109) - CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1014702) - CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1014702) - CVE-2016-10155: The virtual hardware watchdog 'wdt_i6300esb' was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1021129) - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1020589) - CVE-2017-5525: The ac97 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1020491) - CVE-2017-5667: The SDHCI device emulation support was vulnerable to an OOB heap access issue allowing a privileged user inside the guest to crash the Qemu process resulting in DoS or potentially execute arbitrary code with privileges of the Qemu process on the host (bsc#1022541) - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow allowing a privileged user inside the guest to crash the Qemu process resulting in DoS (bnc#1023907) These non-security issues were fixed: - Fix post script for qemu-guest-agent rpm to actually activate the guest agent at rpm install time - Fixed various inaccuracies in cirrus vga device emulation - Fixed cause of infrequent migration failures from bad virtio device state (bsc#1020928) - Fixed virtio interface failure (bsc#1015048) - Fixed graphical update errors introduced by previous security fix (bsc#1016779) - Fixed uint64 property parsing and add regression tests (bsc#937125) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-740=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-740=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): qemu-2.3.1-32.11 qemu-block-curl-2.3.1-32.11 qemu-block-curl-debuginfo-2.3.1-32.11 qemu-debugsource-2.3.1-32.11 qemu-guest-agent-2.3.1-32.11 qemu-guest-agent-debuginfo-2.3.1-32.11 qemu-lang-2.3.1-32.11 qemu-tools-2.3.1-32.11 qemu-tools-debuginfo-2.3.1-32.11 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): qemu-kvm-2.3.1-32.11 - SUSE Linux Enterprise Server 12-SP1 (ppc64le): qemu-ppc-2.3.1-32.11 qemu-ppc-debuginfo-2.3.1-32.11 - SUSE Linux Enterprise Server 12-SP1 (noarch): qemu-ipxe-1.0.0-32.11 qemu-seabios-1.8.1-32.11 qemu-sgabios-8-32.11 qemu-vgabios-1.8.1-32.11 - SUSE Linux Enterprise Server 12-SP1 (x86_64): qemu-block-rbd-2.3.1-32.11 qemu-block-rbd-debuginfo-2.3.1-32.11 qemu-x86-2.3.1-32.11 - SUSE Linux Enterprise Server 12-SP1 (s390x): qemu-s390-2.3.1-32.11 qemu-s390-debuginfo-2.3.1-32.11 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): qemu-ipxe-1.0.0-32.11 qemu-seabios-1.8.1-32.11 qemu-sgabios-8-32.11 qemu-vgabios-1.8.1-32.11 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): qemu-2.3.1-32.11 qemu-block-curl-2.3.1-32.11 qemu-block-curl-debuginfo-2.3.1-32.11 qemu-debugsource-2.3.1-32.11 qemu-kvm-2.3.1-32.11 qemu-tools-2.3.1-32.11 qemu-tools-debuginfo-2.3.1-32.11 qemu-x86-2.3.1-32.11 References: https://www.suse.com/security/cve/CVE-2016-10155.html https://www.suse.com/security/cve/CVE-2016-9776.html https://www.suse.com/security/cve/CVE-2016-9907.html https://www.suse.com/security/cve/CVE-2016-9911.html https://www.suse.com/security/cve/CVE-2016-9921.html https://www.suse.com/security/cve/CVE-2016-9922.html https://www.suse.com/security/cve/CVE-2017-2615.html https://www.suse.com/security/cve/CVE-2017-2620.html https://www.suse.com/security/cve/CVE-2017-5525.html https://www.suse.com/security/cve/CVE-2017-5526.html https://www.suse.com/security/cve/CVE-2017-5667.html https://www.suse.com/security/cve/CVE-2017-5856.html https://www.suse.com/security/cve/CVE-2017-5898.html https://bugzilla.suse.com/1013285 https://bugzilla.suse.com/1014109 https://bugzilla.suse.com/1014111 https://bugzilla.suse.com/1014702 https://bugzilla.suse.com/1015048 https://bugzilla.suse.com/1015169 https://bugzilla.suse.com/1016779 https://bugzilla.suse.com/1020491 https://bugzilla.suse.com/1020589 https://bugzilla.suse.com/1020928 https://bugzilla.suse.com/1021129 https://bugzilla.suse.com/1022541 https://bugzilla.suse.com/1023004 https://bugzilla.suse.com/1023053 https://bugzilla.suse.com/1023907 https://bugzilla.suse.com/1024972 https://bugzilla.suse.com/937125 From sle-security-updates at lists.suse.com Thu May 11 13:09:06 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 11 May 2017 21:09:06 +0200 (CEST) Subject: SUSE-SU-2017:1247-1: important: Security update for the Linux Kernel Message-ID: <20170511190906.F216B101C3@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1247-1 Rating: important References: #1003077 #1015703 #1021256 #1021762 #1023377 #1023762 #1023992 #1024938 #1025235 #1026024 #1026722 #1026914 #1027066 #1027149 #1027178 #1027189 #1027190 #1028415 #1028895 #1029986 #1030118 #1030213 #1030901 #1031003 #1031052 #1031440 #1031579 #1032344 #1033336 #914939 #954763 #968697 #979215 #983212 #989056 Cross-References: CVE-2015-1350 CVE-2016-10044 CVE-2016-10200 CVE-2016-10208 CVE-2016-2117 CVE-2016-3070 CVE-2016-5243 CVE-2016-7117 CVE-2016-9588 CVE-2017-2671 CVE-2017-5669 CVE-2017-5897 CVE-2017-5970 CVE-2017-5986 CVE-2017-6074 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6348 CVE-2017-6353 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7616 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that solves 25 vulnerabilities and has 10 fixes is now available. Description: The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-1350: The VFS subsystem in the Linux kernel provided an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939). - CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enabled scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697). - CVE-2016-3070: The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel improperly interacted with mm/migrate.c, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move (bnc#979215). - CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2016-9588: arch/x86/kvm/vmx.c in the Linux kernel mismanages the #BP and #OF exceptions, which allowed guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest (bnc#1015703). - CVE-2016-10044: The aio_mount function in fs/aio.c in the Linux kernel did not properly restrict execute access, which made it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call (bnc#1023992). - CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415). - CVE-2016-10208: The ext4_fill_super function in fs/ext4/super.c in the Linux kernel did not properly validate meta block groups, which allowed physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image (bnc#1023377). - CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003). - CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914). - CVE-2017-5897: The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allowed remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access (bnc#1023762). - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bnc#1024938). - CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bnc#1025235). - CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024). - CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722). - CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190). - CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189). - CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178). - CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066). - CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213). - CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440). - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579). - CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336). The following non-security bugs were fixed: - ext4: fix fencepost in s_first_meta_bg validation (bsc#1029986). - hwrng: virtio - ensure reads happen after successful probe (bsc#954763 bsc#1032344). - kgr/module: make a taint flag module-specific (fate#313296). - l2tp: fix address test in __l2tp_ip6_bind_lookup() (bsc#1028415). - l2tp: fix lookup for sockets not bound to a device in l2tp_ip (bsc#1028415). - l2tp: fix racy socket lookup in l2tp_ip and l2tp_ip6 bind() (bsc#1028415). - l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv() (bsc#1028415). - l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6 (bsc#1028415). - l2tp: lock socket before checking flags in connect() (bsc#1028415). - mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp (bnc#1030118). - module: move add_taint_module() to a header file (fate#313296). - netfilter: bridge: Fix the build when IPV6 is disabled (bsc#1027149). - nfs: flush out dirty data on file fput() (bsc#1021762). - powerpc: Blacklist GCC 5.4 6.1 and 6.2 (boo#1028895). - powerpc: Reject binutils 2.24 when building little endian (boo#1028895). - revert "procfs: mark thread stack correctly in proc//maps" (bnc#1030901). - taint/module: Clean up global and module taint flags handling (fate#313296). - usb: serial: kl5kusb105: fix line-state error handling (bsc#1021256). - xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056). - xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-749=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-749=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-749=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kernel-default-3.12.61-52.72.1 kernel-default-base-3.12.61-52.72.1 kernel-default-base-debuginfo-3.12.61-52.72.1 kernel-default-debuginfo-3.12.61-52.72.1 kernel-default-debugsource-3.12.61-52.72.1 kernel-default-devel-3.12.61-52.72.1 kernel-syms-3.12.61-52.72.1 kernel-xen-3.12.61-52.72.1 kernel-xen-base-3.12.61-52.72.1 kernel-xen-base-debuginfo-3.12.61-52.72.1 kernel-xen-debuginfo-3.12.61-52.72.1 kernel-xen-debugsource-3.12.61-52.72.1 kernel-xen-devel-3.12.61-52.72.1 kgraft-patch-3_12_61-52_72-default-1-2.1 kgraft-patch-3_12_61-52_72-xen-1-2.1 - SUSE Linux Enterprise Server for SAP 12 (noarch): kernel-devel-3.12.61-52.72.1 kernel-macros-3.12.61-52.72.1 kernel-source-3.12.61-52.72.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): kernel-default-3.12.61-52.72.1 kernel-default-base-3.12.61-52.72.1 kernel-default-base-debuginfo-3.12.61-52.72.1 kernel-default-debuginfo-3.12.61-52.72.1 kernel-default-debugsource-3.12.61-52.72.1 kernel-default-devel-3.12.61-52.72.1 kernel-syms-3.12.61-52.72.1 - SUSE Linux Enterprise Server 12-LTSS (noarch): kernel-devel-3.12.61-52.72.1 kernel-macros-3.12.61-52.72.1 kernel-source-3.12.61-52.72.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kernel-xen-3.12.61-52.72.1 kernel-xen-base-3.12.61-52.72.1 kernel-xen-base-debuginfo-3.12.61-52.72.1 kernel-xen-debuginfo-3.12.61-52.72.1 kernel-xen-debugsource-3.12.61-52.72.1 kernel-xen-devel-3.12.61-52.72.1 kgraft-patch-3_12_61-52_72-default-1-2.1 kgraft-patch-3_12_61-52_72-xen-1-2.1 - SUSE Linux Enterprise Server 12-LTSS (s390x): kernel-default-man-3.12.61-52.72.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.61-52.72.1 kernel-ec2-debuginfo-3.12.61-52.72.1 kernel-ec2-debugsource-3.12.61-52.72.1 kernel-ec2-devel-3.12.61-52.72.1 kernel-ec2-extra-3.12.61-52.72.1 kernel-ec2-extra-debuginfo-3.12.61-52.72.1 References: https://www.suse.com/security/cve/CVE-2015-1350.html https://www.suse.com/security/cve/CVE-2016-10044.html https://www.suse.com/security/cve/CVE-2016-10200.html https://www.suse.com/security/cve/CVE-2016-10208.html https://www.suse.com/security/cve/CVE-2016-2117.html https://www.suse.com/security/cve/CVE-2016-3070.html https://www.suse.com/security/cve/CVE-2016-5243.html https://www.suse.com/security/cve/CVE-2016-7117.html https://www.suse.com/security/cve/CVE-2016-9588.html https://www.suse.com/security/cve/CVE-2017-2671.html https://www.suse.com/security/cve/CVE-2017-5669.html https://www.suse.com/security/cve/CVE-2017-5897.html https://www.suse.com/security/cve/CVE-2017-5970.html https://www.suse.com/security/cve/CVE-2017-5986.html https://www.suse.com/security/cve/CVE-2017-6074.html https://www.suse.com/security/cve/CVE-2017-6214.html https://www.suse.com/security/cve/CVE-2017-6345.html https://www.suse.com/security/cve/CVE-2017-6346.html https://www.suse.com/security/cve/CVE-2017-6348.html https://www.suse.com/security/cve/CVE-2017-6353.html https://www.suse.com/security/cve/CVE-2017-7187.html https://www.suse.com/security/cve/CVE-2017-7261.html https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://www.suse.com/security/cve/CVE-2017-7616.html https://bugzilla.suse.com/1003077 https://bugzilla.suse.com/1015703 https://bugzilla.suse.com/1021256 https://bugzilla.suse.com/1021762 https://bugzilla.suse.com/1023377 https://bugzilla.suse.com/1023762 https://bugzilla.suse.com/1023992 https://bugzilla.suse.com/1024938 https://bugzilla.suse.com/1025235 https://bugzilla.suse.com/1026024 https://bugzilla.suse.com/1026722 https://bugzilla.suse.com/1026914 https://bugzilla.suse.com/1027066 https://bugzilla.suse.com/1027149 https://bugzilla.suse.com/1027178 https://bugzilla.suse.com/1027189 https://bugzilla.suse.com/1027190 https://bugzilla.suse.com/1028415 https://bugzilla.suse.com/1028895 https://bugzilla.suse.com/1029986 https://bugzilla.suse.com/1030118 https://bugzilla.suse.com/1030213 https://bugzilla.suse.com/1030901 https://bugzilla.suse.com/1031003 https://bugzilla.suse.com/1031052 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031579 https://bugzilla.suse.com/1032344 https://bugzilla.suse.com/1033336 https://bugzilla.suse.com/914939 https://bugzilla.suse.com/954763 https://bugzilla.suse.com/968697 https://bugzilla.suse.com/979215 https://bugzilla.suse.com/983212 https://bugzilla.suse.com/989056 From sle-security-updates at lists.suse.com Thu May 11 13:15:06 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 11 May 2017 21:15:06 +0200 (CEST) Subject: SUSE-SU-2017:1248-1: important: Security update for MozillaFirefox, mozilla-nss, mozilla-nspr, java-1_8_0-openjdk Message-ID: <20170511191506.4F7A1101C0@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox, mozilla-nss, mozilla-nspr, java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1248-1 Rating: important References: #1015499 #1015547 #1021636 #1026102 #1030071 #1035082 #983639 Cross-References: CVE-2016-1950 CVE-2016-2834 CVE-2016-8635 CVE-2016-9574 CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5437 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5469 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 29 vulnerabilities is now available. Description: Mozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla NSS was updated to support TLS 1.3 (close to release draft) and various new ciphers, PRFs, Diffie Hellman key agreement and support for more hashes. Security issues fixed in Firefox (bsc#1035082) - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generated code - MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 - MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing - MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing - MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent library - MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2 - MFSA 2017-11/CVE-2017-5435: Use-after-free during transaction processing in the editor - MFSA 2017-11/CVE-2017-5434: Use-after-free during focus handling - MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL animation functions - MFSA 2017-11/CVE-2017-5432: Use-after-free in text input selection - MFSA 2017-11/CVE-2017-5464: Memory corruption with accessibility and DOM manipulation - MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in ConvolvePixel - MFSA 2017-11/CVE-2017-5460: Use-after-free in frame selection - MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor - MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data - MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during glyph processing - MFSA 2017-11/CVE-2017-5444: Buffer overflow while parsing application/http-index-format content - MFSA 2017-11/CVE-2017-5445: Uninitialized values used while parsing application/http-index-format content - MFSA 2017-11/CVE-2017-5442: Use-after-free during style changes - MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during BinHex decoding - MFSA 2017-11/CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing - MFSA 2017-11/CVE-2017-5441: Use-after-free with selection during scroll events - MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL Mozilla NSS was updated to 3.29.5, bringing new features and fixing bugs: - Update to NSS 3.29.5: * MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64 decoder and encoder were fixed. * MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG was fixed. * CVE-2016-9574: Remote DoS during session handshake when using SessionTicket extention and ECDHE-ECDSA (bsc#1015499). * requires NSPR >= 4.13.1 - Update to NSS 3.29.3 * enables TLS 1.3 by default - Fixed a bug in hash computation (and build with GCC 7 which complains about shifts of boolean values). (bsc#1030071, bmo#1348767) - Update to NSS 3.28.3 This is a patch release to fix binary compatibility issues. - Update to NSS 3.28.1 This is a patch release to update the list of root CA certificates. * The following CA certificates were Removed CN = Buypass Class 2 CA 1 CN = Root CA Generalitat Valenciana OU = RSA Security 2048 V3 * The following CA certificates were Added OU = AC RAIZ FNMT-RCM CN = Amazon Root CA 1 CN = Amazon Root CA 2 CN = Amazon Root CA 3 CN = Amazon Root CA 4 CN = LuxTrust Global Root 2 CN = Symantec Class 1 Public Primary Certification Authority - G4 CN = Symantec Class 1 Public Primary Certification Authority - G6 CN = Symantec Class 2 Public Primary Certification Authority - G4 CN = Symantec Class 2 Public Primary Certification Authority - G6 * The version number of the updated root CA list has been set to 2.11 - Update to NSS 3.28 New functionality: * NSS includes support for TLS 1.3 draft -18. This includes a number of improvements to TLS 1.3: - The signed certificate timestamp, used in certificate transparency, is supported in TLS 1.3. - Key exporters for TLS 1.3 are supported. This includes the early key exporter, which can be used if 0-RTT is enabled. Note that there is a difference between TLS 1.3 and key exporters in older versions of TLS. TLS 1.3 does not distinguish between an empty context and no context. - The TLS 1.3 (draft) protocol can be enabled, by defining NSS_ENABLE_TLS_1_3=1 when building NSS. - NSS includes support for the X25519 key exchange algorithm, which is supported and enabled by default in all versions of TLS. Notable Changes: * NSS can no longer be compiled with support for additional elliptic curves. This was previously possible by replacing certain NSS source files. * NSS will now detect the presence of tokens that support additional elliptic curves and enable those curves for use in TLS. Note that this detection has a one-off performance cost, which can be avoided by using the SSL_NamedGroupConfig function to limit supported groups to those that NSS provides. * PKCS#11 bypass for TLS is no longer supported and has been removed. * Support for "export" grade SSL/TLS cipher suites has been removed. * NSS now uses the signature schemes definition in TLS 1.3. This also affects TLS 1.2. NSS will now only generate signatures with the combinations of hash and signature scheme that are defined in TLS 1.3, even when negotiating TLS 1.2. - This means that SHA-256 will only be used with P-256 ECDSA certificates, SHA-384 with P-384 certificates, and SHA-512 with P-521 certificates. SHA-1 is permitted (in TLS 1.2 only) with any certificate for backward compatibility reasons. - NSS will now no longer assume that default signature schemes are supported by a peer if there was no commonly supported signature scheme. * NSS will now check if RSA-PSS signing is supported by the token that holds the private key prior to using it for TLS. * The certificate validation code contains checks to no longer trust certificates that are issued by old WoSign and StartCom CAs after October 21, 2016. This is equivalent to the behavior that Mozilla will release with Firefox 51. - Update to NSS 3.27.2 * Fixed SSL_SetTrustAnchors leaks (bmo#1318561) - raised the minimum softokn/freebl version to 3.28 as reported in (boo#1021636) - Update to NSS 3.26.2 New Functionality: * the selfserv test utility has been enhanced to support ALPN (HTTP/1.1) and 0-RTT * added support for the System-wide crypto policy available on Fedora Linux see http://fedoraproject.org/wiki/Changes/CryptoPolicy * introduced build flag NSS_DISABLE_LIBPKIX that allows compilation of NSS without the libpkix library Notable Changes: * The following CA certificate was Added CN = ISRG Root X1 * NPN is disabled and ALPN is enabled by default * the NSS test suite now completes with the experimental TLS 1.3 code enabled * several test improvements and additions, including a NIST known answer test Changes in 3.26.2 * MD5 signature algorithms sent by the server in CertificateRequest messages are now properly ignored. Previously, with rare server configurations, an MD5 signature algorithm might have been selected for client authentication and caused the client to abort the connection soon after. - Update to NSS 3.25 New functionality: * Implemented DHE key agreement for TLS 1.3 * Added support for ChaCha with TLS 1.3 * Added support for TLS 1.2 ciphersuites that use SHA384 as the PRF * In previous versions, when using client authentication with TLS 1.2, NSS only supported certificate_verify messages that used the same signature hash algorithm as used by the PRF. This limitation has been removed. Notable changes: * An SSL socket can no longer be configured to allow both TLS 1.3 and SSLv3 * Regression fix: NSS no longer reports a failure if an application attempts to disable the SSLv2 protocol. * The list of trusted CA certificates has been updated to version 2.8 * The following CA certificate was Removed Sonera Class1 CA * The following CA certificates were Added Hellenic Academic and Research Institutions RootCA 2015 Hellenic Academic and Research Institutions ECC RootCA 2015 Certplus Root CA G1 Certplus Root CA G2 OpenTrust Root CA G1 OpenTrust Root CA G2 OpenTrust Root CA G3 - Update to NSS 3.24 New functionality: * NSS softoken has been updated with the latest National Institute of Standards and Technology (NIST) guidance (as of 2015): - Software integrity checks and POST functions are executed on shared library load. These checks have been disabled by default, as they can cause a performance regression. To enable these checks, you must define symbol NSS_FORCE_FIPS when building NSS. - Counter mode and Galois/Counter Mode (GCM) have checks to prevent counter overflow. - Additional CSPs are zeroed in the code. - NSS softoken uses new guidance for how many Rabin-Miller tests are needed to verify a prime based on prime size. * NSS softoken has also been updated to allow NSS to run in FIPS Level 1 (no password). This mode is triggered by setting the database password to the empty string. In FIPS mode, you may move from Level 1 to Level 2 (by setting an appropriate password), but not the reverse. * A SSL_ConfigServerCert function has been added for configuring SSL/TLS server sockets with a certificate and private key. Use this new function in place of SSL_ConfigSecureServer, SSL_ConfigSecureServerWithCertChain, SSL_SetStapledOCSPResponses, and SSL_SetSignedCertTimestamps. SSL_ConfigServerCert automatically determines the certificate type from the certificate and private key. The caller is no longer required to use SSLKEAType explicitly to select a "slot" into which the certificate is configured (which incorrectly identifies a key agreement type rather than a certificate). Separate functions for configuring Online Certificate Status Protocol (OCSP) responses or Signed Certificate Timestamps are not needed, since these can be added to the optional SSLExtraServerCertData struct provided to SSL_ConfigServerCert. Also, partial support for RSA Probabilistic Signature Scheme (RSA-PSS) certificates has been added. Although these certificates can be configured, they will not be used by NSS in this version. * Deprecate the member attribute authAlgorithm of type SSLCipherSuiteInfo. Instead, applications should use the newly added attribute authType. * Add a shared library (libfreeblpriv3) on Linux platforms that define FREEBL_LOWHASH. * Remove most code related to SSL v2, including the ability to actively send a SSLv2-compatible client hello. However, the server-side implementation of the SSL/TLS protocol still supports processing of received v2-compatible client hello messages. * Disable (by default) NSS support in optimized builds for logging SSL/TLS key material to a logfile if the SSLKEYLOGFILE environment variable is set. To enable the functionality in optimized builds, you must define the symbol NSS_ALLOW_SSLKEYLOGFILE when building NSS. * Update NSS to protect it against the Cachebleed attack. * Disable support for DTLS compression. * Improve support for TLS 1.3. This includes support for DTLS 1.3. Note that TLS 1.3 support is experimental and not suitable for production use. - Update to NSS 3.23 New functionality: * ChaCha20/Poly1305 cipher and TLS cipher suites now supported * Experimental-only support TLS 1.3 1-RTT mode (draft-11). This code is not ready for production use. Notable changes: * The list of TLS extensions sent in the TLS handshake has been reordered to increase compatibility of the Extended Master Secret with with servers * The build time environment variable NSS_ENABLE_ZLIB has been renamed to NSS_SSL_ENABLE_ZLIB * The build time environment variable NSS_DISABLE_CHACHAPOLY was added, which can be used to prevent compilation of the ChaCha20/Poly1305 code. * The following CA certificates were Removed - Staat der Nederlanden Root CA - NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado - NetLock Kozjegyzoi (Class A) Tanusitvanykiado - NetLock Uzleti (Class B) Tanusitvanykiado - NetLock Expressz (Class C) Tanusitvanykiado - VeriSign Class 1 Public PCA - G2 - VeriSign Class 3 Public PCA - VeriSign Class 3 Public PCA - G2 - CA Disig * The following CA certificates were Added + SZAFIR ROOT CA2 + Certum Trusted Network CA 2 * The following CA certificate had the Email trust bit turned on + Actalis Authentication Root CA Security fixes: * CVE-2016-2834: Memory safety bugs (boo#983639) MFSA-2016-61 bmo#1206283 bmo#1221620 bmo#1241034 bmo#1241037 - Update to NSS 3.22.3 * Increase compatibility of TLS extended master secret, don't send an empty TLS extension last in the handshake (bmo#1243641) * Fixed a heap-based buffer overflow related to the parsing of certain ASN.1 structures. An attacker could create a specially-crafted certificate which, when parsed by NSS, would cause a crash or execution of arbitrary code with the permissions of the user. (CVE-2016-1950, bmo#1245528) - Update to NSS 3.22.2 New functionality: * RSA-PSS signatures are now supported (bmo#1215295) * Pseudorandom functions based on hashes other than SHA-1 are now supported * Enforce an External Policy on NSS from a config file (bmo#1009429) - CVE-2016-8635: Fix for DH small subgroup confinement attack (bsc#1015547) Mozilla NSPR was updated to version 4.13.1: The previously released version 4.13 had changed pipes to be nonblocking by default, and as a consequence, PollEvent was changed to not block on clear. The NSPR development team received reports that these changes caused regressions in some applications that use NSPR, and it has been decided to revert the changes made in NSPR 4.13. NSPR 4.13.1 restores the traditional behavior of pipes and PollEvent. Mozilla NSPR update to version 4.13 had these changes: - PL_strcmp (and others) were fixed to return consistent results when one of the arguments is NULL. - PollEvent was fixed to not block on clear. - Pipes are always nonblocking. - PR_GetNameForIdentity: added thread safety lock and bound checks. - Removed the PLArena freelist. - Avoid some integer overflows. - fixed several comments. This update also contains java-1_8_0-openjdk that needed to be rebuilt against the new mozilla-nss version. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-748=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-748=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-748=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-748=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-748=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-748=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-748=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-748=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-748=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): MozillaFirefox-debuginfo-45.9.0esr-105.1 MozillaFirefox-debugsource-45.9.0esr-105.1 MozillaFirefox-devel-45.9.0esr-105.1 mozilla-nspr-debuginfo-4.13.1-18.1 mozilla-nspr-debugsource-4.13.1-18.1 mozilla-nspr-devel-4.13.1-18.1 mozilla-nss-debuginfo-3.29.5-57.1 mozilla-nss-debugsource-3.29.5-57.1 mozilla-nss-devel-3.29.5-57.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): MozillaFirefox-debuginfo-45.9.0esr-105.1 MozillaFirefox-debugsource-45.9.0esr-105.1 MozillaFirefox-devel-45.9.0esr-105.1 mozilla-nspr-debuginfo-4.13.1-18.1 mozilla-nspr-debugsource-4.13.1-18.1 mozilla-nspr-devel-4.13.1-18.1 mozilla-nss-debuginfo-3.29.5-57.1 mozilla-nss-debugsource-3.29.5-57.1 mozilla-nss-devel-3.29.5-57.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): MozillaFirefox-45.9.0esr-105.1 MozillaFirefox-debuginfo-45.9.0esr-105.1 MozillaFirefox-debugsource-45.9.0esr-105.1 MozillaFirefox-devel-45.9.0esr-105.1 MozillaFirefox-translations-45.9.0esr-105.1 libfreebl3-3.29.5-57.1 libfreebl3-32bit-3.29.5-57.1 libfreebl3-debuginfo-3.29.5-57.1 libfreebl3-debuginfo-32bit-3.29.5-57.1 libfreebl3-hmac-3.29.5-57.1 libfreebl3-hmac-32bit-3.29.5-57.1 libsoftokn3-3.29.5-57.1 libsoftokn3-32bit-3.29.5-57.1 libsoftokn3-debuginfo-3.29.5-57.1 libsoftokn3-debuginfo-32bit-3.29.5-57.1 libsoftokn3-hmac-3.29.5-57.1 libsoftokn3-hmac-32bit-3.29.5-57.1 mozilla-nspr-32bit-4.13.1-18.1 mozilla-nspr-4.13.1-18.1 mozilla-nspr-debuginfo-32bit-4.13.1-18.1 mozilla-nspr-debuginfo-4.13.1-18.1 mozilla-nspr-debugsource-4.13.1-18.1 mozilla-nspr-devel-4.13.1-18.1 mozilla-nss-3.29.5-57.1 mozilla-nss-32bit-3.29.5-57.1 mozilla-nss-certs-3.29.5-57.1 mozilla-nss-certs-32bit-3.29.5-57.1 mozilla-nss-certs-debuginfo-3.29.5-57.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1 mozilla-nss-debuginfo-3.29.5-57.1 mozilla-nss-debuginfo-32bit-3.29.5-57.1 mozilla-nss-debugsource-3.29.5-57.1 mozilla-nss-devel-3.29.5-57.1 mozilla-nss-sysinit-3.29.5-57.1 mozilla-nss-sysinit-32bit-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1 mozilla-nss-tools-3.29.5-57.1 mozilla-nss-tools-debuginfo-3.29.5-57.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): MozillaFirefox-45.9.0esr-105.1 MozillaFirefox-debuginfo-45.9.0esr-105.1 MozillaFirefox-debugsource-45.9.0esr-105.1 MozillaFirefox-translations-45.9.0esr-105.1 java-1_8_0-openjdk-1.8.0.121-23.4 java-1_8_0-openjdk-debuginfo-1.8.0.121-23.4 java-1_8_0-openjdk-debugsource-1.8.0.121-23.4 java-1_8_0-openjdk-demo-1.8.0.121-23.4 java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-23.4 java-1_8_0-openjdk-devel-1.8.0.121-23.4 java-1_8_0-openjdk-devel-debuginfo-1.8.0.121-23.4 java-1_8_0-openjdk-headless-1.8.0.121-23.4 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-23.4 libfreebl3-3.29.5-57.1 libfreebl3-debuginfo-3.29.5-57.1 libfreebl3-hmac-3.29.5-57.1 libsoftokn3-3.29.5-57.1 libsoftokn3-debuginfo-3.29.5-57.1 libsoftokn3-hmac-3.29.5-57.1 mozilla-nspr-4.13.1-18.1 mozilla-nspr-debuginfo-4.13.1-18.1 mozilla-nspr-debugsource-4.13.1-18.1 mozilla-nss-3.29.5-57.1 mozilla-nss-certs-3.29.5-57.1 mozilla-nss-certs-debuginfo-3.29.5-57.1 mozilla-nss-debuginfo-3.29.5-57.1 mozilla-nss-debugsource-3.29.5-57.1 mozilla-nss-sysinit-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-3.29.5-57.1 mozilla-nss-tools-3.29.5-57.1 mozilla-nss-tools-debuginfo-3.29.5-57.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): MozillaFirefox-45.9.0esr-105.1 MozillaFirefox-debuginfo-45.9.0esr-105.1 MozillaFirefox-debugsource-45.9.0esr-105.1 MozillaFirefox-translations-45.9.0esr-105.1 java-1_8_0-openjdk-1.8.0.121-23.4 java-1_8_0-openjdk-debuginfo-1.8.0.121-23.4 java-1_8_0-openjdk-debugsource-1.8.0.121-23.4 java-1_8_0-openjdk-demo-1.8.0.121-23.4 java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-23.4 java-1_8_0-openjdk-devel-1.8.0.121-23.4 java-1_8_0-openjdk-devel-debuginfo-1.8.0.121-23.4 java-1_8_0-openjdk-headless-1.8.0.121-23.4 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-23.4 libfreebl3-3.29.5-57.1 libfreebl3-debuginfo-3.29.5-57.1 libfreebl3-hmac-3.29.5-57.1 libsoftokn3-3.29.5-57.1 libsoftokn3-debuginfo-3.29.5-57.1 libsoftokn3-hmac-3.29.5-57.1 mozilla-nspr-4.13.1-18.1 mozilla-nspr-debuginfo-4.13.1-18.1 mozilla-nspr-debugsource-4.13.1-18.1 mozilla-nss-3.29.5-57.1 mozilla-nss-certs-3.29.5-57.1 mozilla-nss-certs-debuginfo-3.29.5-57.1 mozilla-nss-debuginfo-3.29.5-57.1 mozilla-nss-debugsource-3.29.5-57.1 mozilla-nss-sysinit-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-3.29.5-57.1 mozilla-nss-tools-3.29.5-57.1 mozilla-nss-tools-debuginfo-3.29.5-57.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libfreebl3-32bit-3.29.5-57.1 libfreebl3-debuginfo-32bit-3.29.5-57.1 libfreebl3-hmac-32bit-3.29.5-57.1 libsoftokn3-32bit-3.29.5-57.1 libsoftokn3-debuginfo-32bit-3.29.5-57.1 libsoftokn3-hmac-32bit-3.29.5-57.1 mozilla-nspr-32bit-4.13.1-18.1 mozilla-nspr-debuginfo-32bit-4.13.1-18.1 mozilla-nss-32bit-3.29.5-57.1 mozilla-nss-certs-32bit-3.29.5-57.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1 mozilla-nss-debuginfo-32bit-3.29.5-57.1 mozilla-nss-sysinit-32bit-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): MozillaFirefox-45.9.0esr-105.1 MozillaFirefox-debuginfo-45.9.0esr-105.1 MozillaFirefox-debugsource-45.9.0esr-105.1 MozillaFirefox-translations-45.9.0esr-105.1 java-1_8_0-openjdk-1.8.0.121-23.4 java-1_8_0-openjdk-debuginfo-1.8.0.121-23.4 java-1_8_0-openjdk-debugsource-1.8.0.121-23.4 java-1_8_0-openjdk-demo-1.8.0.121-23.4 java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-23.4 java-1_8_0-openjdk-devel-1.8.0.121-23.4 java-1_8_0-openjdk-headless-1.8.0.121-23.4 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-23.4 libfreebl3-3.29.5-57.1 libfreebl3-debuginfo-3.29.5-57.1 libfreebl3-hmac-3.29.5-57.1 libsoftokn3-3.29.5-57.1 libsoftokn3-debuginfo-3.29.5-57.1 libsoftokn3-hmac-3.29.5-57.1 mozilla-nspr-4.13.1-18.1 mozilla-nspr-debuginfo-4.13.1-18.1 mozilla-nspr-debugsource-4.13.1-18.1 mozilla-nss-3.29.5-57.1 mozilla-nss-certs-3.29.5-57.1 mozilla-nss-certs-debuginfo-3.29.5-57.1 mozilla-nss-debuginfo-3.29.5-57.1 mozilla-nss-debugsource-3.29.5-57.1 mozilla-nss-sysinit-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-3.29.5-57.1 mozilla-nss-tools-3.29.5-57.1 mozilla-nss-tools-debuginfo-3.29.5-57.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libfreebl3-32bit-3.29.5-57.1 libfreebl3-debuginfo-32bit-3.29.5-57.1 libfreebl3-hmac-32bit-3.29.5-57.1 libsoftokn3-32bit-3.29.5-57.1 libsoftokn3-debuginfo-32bit-3.29.5-57.1 libsoftokn3-hmac-32bit-3.29.5-57.1 mozilla-nspr-32bit-4.13.1-18.1 mozilla-nspr-debuginfo-32bit-4.13.1-18.1 mozilla-nss-32bit-3.29.5-57.1 mozilla-nss-certs-32bit-3.29.5-57.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1 mozilla-nss-debuginfo-32bit-3.29.5-57.1 mozilla-nss-sysinit-32bit-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): MozillaFirefox-45.9.0esr-105.1 MozillaFirefox-debuginfo-45.9.0esr-105.1 MozillaFirefox-debugsource-45.9.0esr-105.1 MozillaFirefox-devel-45.9.0esr-105.1 MozillaFirefox-translations-45.9.0esr-105.1 libfreebl3-3.29.5-57.1 libfreebl3-debuginfo-3.29.5-57.1 libfreebl3-hmac-3.29.5-57.1 libsoftokn3-3.29.5-57.1 libsoftokn3-debuginfo-3.29.5-57.1 libsoftokn3-hmac-3.29.5-57.1 mozilla-nspr-4.13.1-18.1 mozilla-nspr-debuginfo-4.13.1-18.1 mozilla-nspr-debugsource-4.13.1-18.1 mozilla-nspr-devel-4.13.1-18.1 mozilla-nss-3.29.5-57.1 mozilla-nss-certs-3.29.5-57.1 mozilla-nss-certs-debuginfo-3.29.5-57.1 mozilla-nss-debuginfo-3.29.5-57.1 mozilla-nss-debugsource-3.29.5-57.1 mozilla-nss-devel-3.29.5-57.1 mozilla-nss-sysinit-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-3.29.5-57.1 mozilla-nss-tools-3.29.5-57.1 mozilla-nss-tools-debuginfo-3.29.5-57.1 - SUSE Linux Enterprise Server 12-LTSS (s390x x86_64): libfreebl3-32bit-3.29.5-57.1 libfreebl3-debuginfo-32bit-3.29.5-57.1 libfreebl3-hmac-32bit-3.29.5-57.1 libsoftokn3-32bit-3.29.5-57.1 libsoftokn3-debuginfo-32bit-3.29.5-57.1 libsoftokn3-hmac-32bit-3.29.5-57.1 mozilla-nspr-32bit-4.13.1-18.1 mozilla-nspr-debuginfo-32bit-4.13.1-18.1 mozilla-nss-32bit-3.29.5-57.1 mozilla-nss-certs-32bit-3.29.5-57.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1 mozilla-nss-debuginfo-32bit-3.29.5-57.1 mozilla-nss-sysinit-32bit-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): MozillaFirefox-45.9.0esr-105.1 MozillaFirefox-debuginfo-45.9.0esr-105.1 MozillaFirefox-debugsource-45.9.0esr-105.1 MozillaFirefox-translations-45.9.0esr-105.1 java-1_8_0-openjdk-1.8.0.121-23.4 java-1_8_0-openjdk-debuginfo-1.8.0.121-23.4 java-1_8_0-openjdk-debugsource-1.8.0.121-23.4 java-1_8_0-openjdk-headless-1.8.0.121-23.4 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-23.4 libfreebl3-3.29.5-57.1 libfreebl3-32bit-3.29.5-57.1 libfreebl3-debuginfo-3.29.5-57.1 libfreebl3-debuginfo-32bit-3.29.5-57.1 libsoftokn3-3.29.5-57.1 libsoftokn3-32bit-3.29.5-57.1 libsoftokn3-debuginfo-3.29.5-57.1 libsoftokn3-debuginfo-32bit-3.29.5-57.1 mozilla-nspr-32bit-4.13.1-18.1 mozilla-nspr-4.13.1-18.1 mozilla-nspr-debuginfo-32bit-4.13.1-18.1 mozilla-nspr-debuginfo-4.13.1-18.1 mozilla-nspr-debugsource-4.13.1-18.1 mozilla-nss-3.29.5-57.1 mozilla-nss-32bit-3.29.5-57.1 mozilla-nss-certs-3.29.5-57.1 mozilla-nss-certs-32bit-3.29.5-57.1 mozilla-nss-certs-debuginfo-3.29.5-57.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1 mozilla-nss-debuginfo-3.29.5-57.1 mozilla-nss-debuginfo-32bit-3.29.5-57.1 mozilla-nss-debugsource-3.29.5-57.1 mozilla-nss-sysinit-3.29.5-57.1 mozilla-nss-sysinit-32bit-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1 mozilla-nss-tools-3.29.5-57.1 mozilla-nss-tools-debuginfo-3.29.5-57.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): MozillaFirefox-45.9.0esr-105.1 MozillaFirefox-debuginfo-45.9.0esr-105.1 MozillaFirefox-debugsource-45.9.0esr-105.1 MozillaFirefox-translations-45.9.0esr-105.1 java-1_8_0-openjdk-1.8.0.121-23.4 java-1_8_0-openjdk-debuginfo-1.8.0.121-23.4 java-1_8_0-openjdk-debugsource-1.8.0.121-23.4 java-1_8_0-openjdk-headless-1.8.0.121-23.4 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-23.4 libfreebl3-3.29.5-57.1 libfreebl3-32bit-3.29.5-57.1 libfreebl3-debuginfo-3.29.5-57.1 libfreebl3-debuginfo-32bit-3.29.5-57.1 libsoftokn3-3.29.5-57.1 libsoftokn3-32bit-3.29.5-57.1 libsoftokn3-debuginfo-3.29.5-57.1 libsoftokn3-debuginfo-32bit-3.29.5-57.1 mozilla-nspr-32bit-4.13.1-18.1 mozilla-nspr-4.13.1-18.1 mozilla-nspr-debuginfo-32bit-4.13.1-18.1 mozilla-nspr-debuginfo-4.13.1-18.1 mozilla-nspr-debugsource-4.13.1-18.1 mozilla-nss-3.29.5-57.1 mozilla-nss-32bit-3.29.5-57.1 mozilla-nss-certs-3.29.5-57.1 mozilla-nss-certs-32bit-3.29.5-57.1 mozilla-nss-certs-debuginfo-3.29.5-57.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1 mozilla-nss-debuginfo-3.29.5-57.1 mozilla-nss-debuginfo-32bit-3.29.5-57.1 mozilla-nss-debugsource-3.29.5-57.1 mozilla-nss-sysinit-3.29.5-57.1 mozilla-nss-sysinit-32bit-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-3.29.5-57.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1 mozilla-nss-tools-3.29.5-57.1 mozilla-nss-tools-debuginfo-3.29.5-57.1 References: https://www.suse.com/security/cve/CVE-2016-1950.html https://www.suse.com/security/cve/CVE-2016-2834.html https://www.suse.com/security/cve/CVE-2016-8635.html https://www.suse.com/security/cve/CVE-2016-9574.html https://www.suse.com/security/cve/CVE-2017-5429.html https://www.suse.com/security/cve/CVE-2017-5432.html https://www.suse.com/security/cve/CVE-2017-5433.html https://www.suse.com/security/cve/CVE-2017-5434.html https://www.suse.com/security/cve/CVE-2017-5435.html https://www.suse.com/security/cve/CVE-2017-5436.html https://www.suse.com/security/cve/CVE-2017-5437.html https://www.suse.com/security/cve/CVE-2017-5438.html https://www.suse.com/security/cve/CVE-2017-5439.html https://www.suse.com/security/cve/CVE-2017-5440.html https://www.suse.com/security/cve/CVE-2017-5441.html https://www.suse.com/security/cve/CVE-2017-5442.html https://www.suse.com/security/cve/CVE-2017-5443.html https://www.suse.com/security/cve/CVE-2017-5444.html https://www.suse.com/security/cve/CVE-2017-5445.html https://www.suse.com/security/cve/CVE-2017-5446.html https://www.suse.com/security/cve/CVE-2017-5447.html https://www.suse.com/security/cve/CVE-2017-5448.html https://www.suse.com/security/cve/CVE-2017-5459.html https://www.suse.com/security/cve/CVE-2017-5460.html https://www.suse.com/security/cve/CVE-2017-5461.html https://www.suse.com/security/cve/CVE-2017-5462.html https://www.suse.com/security/cve/CVE-2017-5464.html https://www.suse.com/security/cve/CVE-2017-5465.html https://www.suse.com/security/cve/CVE-2017-5469.html https://bugzilla.suse.com/1015499 https://bugzilla.suse.com/1015547 https://bugzilla.suse.com/1021636 https://bugzilla.suse.com/1026102 https://bugzilla.suse.com/1030071 https://bugzilla.suse.com/1035082 https://bugzilla.suse.com/983639 From sle-security-updates at lists.suse.com Thu May 11 13:18:58 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 11 May 2017 21:18:58 +0200 (CEST) Subject: SUSE-SU-2017:1250-1: moderate: Security update for dovecot22 Message-ID: <20170511191858.C95F9101C3@maintenance.suse.de> SUSE Security Update: Security update for dovecot22 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1250-1 Rating: moderate References: #1032248 #854512 #932386 Cross-References: CVE-2017-2669 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for dovecot22 to version 2.2.29.1 fixes the following issues: This security issue was fixed: - CVE-2017-2669: Don't double-expand %variables in keys. If dict was used as the authentication passdb, using specially crafted %variables in the username could be used to cause DoS (bsc#1032248) Additionally stronger SSL default ciphers are now used. This non-security issue was fixed: - Remove all references /etc/ssl/certs/. It should not be used anymore (bsc#932386) More changes are available in the changelog. Please make sure you read README.SUSE after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-747=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-747=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-747=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-747=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-747=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): dovecot22-debuginfo-2.2.29.1-11.1 dovecot22-debugsource-2.2.29.1-11.1 dovecot22-devel-2.2.29.1-11.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): dovecot22-debuginfo-2.2.29.1-11.1 dovecot22-debugsource-2.2.29.1-11.1 dovecot22-devel-2.2.29.1-11.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): dovecot22-2.2.29.1-11.1 dovecot22-backend-mysql-2.2.29.1-11.1 dovecot22-backend-mysql-debuginfo-2.2.29.1-11.1 dovecot22-backend-pgsql-2.2.29.1-11.1 dovecot22-backend-pgsql-debuginfo-2.2.29.1-11.1 dovecot22-backend-sqlite-2.2.29.1-11.1 dovecot22-backend-sqlite-debuginfo-2.2.29.1-11.1 dovecot22-debuginfo-2.2.29.1-11.1 dovecot22-debugsource-2.2.29.1-11.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): dovecot-2.2-3.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): dovecot22-2.2.29.1-11.1 dovecot22-backend-mysql-2.2.29.1-11.1 dovecot22-backend-mysql-debuginfo-2.2.29.1-11.1 dovecot22-backend-pgsql-2.2.29.1-11.1 dovecot22-backend-pgsql-debuginfo-2.2.29.1-11.1 dovecot22-backend-sqlite-2.2.29.1-11.1 dovecot22-backend-sqlite-debuginfo-2.2.29.1-11.1 dovecot22-debuginfo-2.2.29.1-11.1 dovecot22-debugsource-2.2.29.1-11.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): dovecot-2.2-3.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): dovecot22-2.2.29.1-11.1 dovecot22-backend-mysql-2.2.29.1-11.1 dovecot22-backend-mysql-debuginfo-2.2.29.1-11.1 dovecot22-backend-pgsql-2.2.29.1-11.1 dovecot22-backend-pgsql-debuginfo-2.2.29.1-11.1 dovecot22-backend-sqlite-2.2.29.1-11.1 dovecot22-backend-sqlite-debuginfo-2.2.29.1-11.1 dovecot22-debuginfo-2.2.29.1-11.1 dovecot22-debugsource-2.2.29.1-11.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): dovecot-2.2-3.1 References: https://www.suse.com/security/cve/CVE-2017-2669.html https://bugzilla.suse.com/1032248 https://bugzilla.suse.com/854512 https://bugzilla.suse.com/932386 From sle-security-updates at lists.suse.com Mon May 15 13:09:43 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:09:43 +0200 (CEST) Subject: SUSE-SU-2017:1277-1: important: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2 Message-ID: <20170515190943.9D039101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1277-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 4.4.21-84 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-771=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-84-default-5-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:10:55 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:10:55 +0200 (CEST) Subject: SUSE-SU-2017:1278-1: important: Security update for Linux Kernel Live Patch 17 for SLE 12 Message-ID: <20170515191055.D81F9101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 17 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1278-1 Rating: important References: #1030575 #1031660 Cross-References: CVE-2017-7308 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 3.12.60-52_60 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-766=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-766=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_60-default-5-2.1 kgraft-patch-3_12_60-52_60-xen-5-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_60-default-5-2.1 kgraft-patch-3_12_60-52_60-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:11:29 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:11:29 +0200 (CEST) Subject: SUSE-SU-2017:1279-1: important: Security update for Linux Kernel Live Patch 1 for SLE 12 SP2 Message-ID: <20170515191129.340EC101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 1 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1279-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 4.4.21-81 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-772=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-81-default-6-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:12:22 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:12:22 +0200 (CEST) Subject: SUSE-SU-2017:1280-1: important: Security update for Linux Kernel Live Patch 13 for SLE 12 SP1 Message-ID: <20170515191222.38227101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 13 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1280-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.69-60_64_32 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-773=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_69-60_64_32-default-3-2.1 kgraft-patch-3_12_69-60_64_32-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:13:17 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:13:17 +0200 (CEST) Subject: SUSE-SU-2017:1281-1: important: Security update for Linux Kernel Live Patch 20 for SLE 12 Message-ID: <20170515191317.63B33101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 20 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1281-1 Rating: important References: #1025013 #1030575 #1031660 Cross-References: CVE-2017-5970 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update the for Linux Kernel 3.12.61-52.69 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-763=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-763=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_61-52_69-default-2-4.1 kgraft-patch-3_12_61-52_69-xen-2-4.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_61-52_69-default-2-4.1 kgraft-patch-3_12_61-52_69-xen-2-4.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:14:07 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:14:07 +0200 (CEST) Subject: SUSE-SU-2017:1282-1: moderate: Security update for libxslt Message-ID: <20170515191407.54EA2101C3@maintenance.suse.de> SUSE Security Update: Security update for libxslt ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1282-1 Rating: moderate References: #1005591 #1035905 #934119 #952474 Cross-References: CVE-2015-7995 CVE-2015-9019 CVE-2016-4738 CVE-2017-5029 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for libxslt fixes the following issues: - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page (bsc#1035905). - CVE-2016-4738: Fix heap overread in xsltFormatNumberConversion: An empty decimal-separator could cause a heap overread. This can be exploited to leak a couple of bytes after the buffer that holds the pattern string (bsc#1005591). - CVE-2015-9019: Properly initialize random generator (bsc#934119). - CVE-2015-7995: Vulnerability in function xsltStylePreCompute" in preproc.c could cause a type confusion leading to DoS. (bsc#952474) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libxslt-13104=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libxslt-13104=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libxslt-13104=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libxslt-devel-1.1.24-19.33.1 libxslt-python-1.1.24-19.33.3 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libxslt-devel-32bit-1.1.24-19.33.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libxslt-1.1.24-19.33.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libxslt-32bit-1.1.24-19.33.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libxslt-x86-1.1.24-19.33.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libxslt-debuginfo-1.1.24-19.33.1 libxslt-debugsource-1.1.24-19.33.1 libxslt-python-debuginfo-1.1.24-19.33.3 libxslt-python-debugsource-1.1.24-19.33.3 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): libxslt-debuginfo-32bit-1.1.24-19.33.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): libxslt-debuginfo-x86-1.1.24-19.33.1 References: https://www.suse.com/security/cve/CVE-2015-7995.html https://www.suse.com/security/cve/CVE-2015-9019.html https://www.suse.com/security/cve/CVE-2016-4738.html https://www.suse.com/security/cve/CVE-2017-5029.html https://bugzilla.suse.com/1005591 https://bugzilla.suse.com/1035905 https://bugzilla.suse.com/934119 https://bugzilla.suse.com/952474 From sle-security-updates at lists.suse.com Mon May 15 13:15:08 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:15:08 +0200 (CEST) Subject: SUSE-SU-2017:1283-1: important: Security update for Linux Kernel Live Patch 5 for SLE 12 SP2 Message-ID: <20170515191508.23273101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 5 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1283-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 4.4.49-92_11 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-769=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_49-92_11-default-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:16:10 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:16:10 +0200 (CEST) Subject: SUSE-SU-2017:1284-1: important: Security update for Linux Kernel Live Patch 7 for SLE 12 SP1 Message-ID: <20170515191610.AFA72101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 7 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1284-1 Rating: important References: #1030467 #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for the Linux Kernel 3.12.62-60_62 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). - bsc#1030467: Updated Dirty COW fix. The former patch caused some apps to freeze in rare circumstances Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-779=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_62-60_62-default-9-2.1 kgraft-patch-3_12_62-60_62-xen-9-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030467 https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:17:20 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:17:20 +0200 (CEST) Subject: SUSE-SU-2017:1285-1: important: Security update for Linux Kernel Live Patch 14 for SLE 12 Message-ID: <20170515191720.48F32101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 14 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1285-1 Rating: important References: #1030467 #1030575 #1031660 Cross-References: CVE-2017-7308 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for the Linux Kernel 3.12.60-52_49 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - bsc#1030467: Updated Dirty COW fix. The former patch caused some apps to freeze in rare circumstances Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-781=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-781=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_49-default-9-2.1 kgraft-patch-3_12_60-52_49-xen-9-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_49-default-9-2.1 kgraft-patch-3_12_60-52_49-xen-9-2.1 References: https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030467 https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:20:44 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:20:44 +0200 (CEST) Subject: SUSE-SU-2017:1287-1: important: Security update for Linux Kernel Live Patch 18 for SLE 12 Message-ID: <20170515192044.C3B16101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 18 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1287-1 Rating: important References: #1030575 #1031660 Cross-References: CVE-2017-7308 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 3.12.60-52_63 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-765=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-765=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_63-default-5-2.1 kgraft-patch-3_12_60-52_63-xen-5-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_63-default-5-2.1 kgraft-patch-3_12_60-52_63-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:21:22 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:21:22 +0200 (CEST) Subject: SUSE-SU-2017:1288-1: important: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1 Message-ID: <20170515192122.7B68D101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1288-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.62-60_64_8 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-778=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_62-60_64_8-default-8-2.1 kgraft-patch-3_12_62-60_64_8-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:22:19 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:22:19 +0200 (CEST) Subject: SUSE-SU-2017:1289-1: important: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1 Message-ID: <20170515192219.72AB0101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1289-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-776=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_67-60_64_21-default-6-2.1 kgraft-patch-3_12_67-60_64_21-xen-6-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:23:11 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:23:11 +0200 (CEST) Subject: SUSE-SU-2017:1290-1: important: Security update for Linux Kernel Live Patch 11 for SLE 12 SP1 Message-ID: <20170515192311.952FF101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 11 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1290-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.67-60_64_24 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-775=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_67-60_64_24-default-5-2.1 kgraft-patch-3_12_67-60_64_24-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:24:03 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:24:03 +0200 (CEST) Subject: SUSE-SU-2017:1291-1: important: Security update for Linux Kernel Live Patch 16 for SLE 12 Message-ID: <20170515192403.4D006101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 16 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1291-1 Rating: important References: #1030575 #1031660 Cross-References: CVE-2017-7308 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 3.12.60-52_57 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-767=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-767=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_57-default-6-2.1 kgraft-patch-3_12_60-52_57-xen-6-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_57-default-6-2.1 kgraft-patch-3_12_60-52_57-xen-6-2.1 References: https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:25:19 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:25:19 +0200 (CEST) Subject: SUSE-SU-2017:1293-1: important: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 Message-ID: <20170515192519.A262A101C6@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1293-1 Rating: important References: #1030467 #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for the Linux Kernel 3.12.59-60_45 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). - bsc#1030467: Updated Dirty COW fix. The former patch caused some apps to freeze in rare circumstances Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-780=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_59-60_45-default-10-2.1 kgraft-patch-3_12_59-60_45-xen-10-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030467 https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:26:51 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:26:51 +0200 (CEST) Subject: SUSE-SU-2017:1294-1: important: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 Message-ID: <20170515192651.71F8C101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1294-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.69-60_64_29 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-774=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_69-60_64_29-default-4-2.1 kgraft-patch-3_12_69-60_64_29-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:27:40 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:27:40 +0200 (CEST) Subject: SUSE-SU-2017:1295-1: important: Security update for Linux Kernel Live Patch 4 for SLE 12 SP2 Message-ID: <20170515192740.47B4B101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 4 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1295-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 4.4.38-93 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-770=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_38-93-default-5-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:30:36 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:30:36 +0200 (CEST) Subject: SUSE-SU-2017:1297-1: important: Security update for Linux Kernel Live Patch 9 for SLE 12 SP1 Message-ID: <20170515193036.C2BDA101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 9 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1297-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 3.12.67-60_64_18 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-777=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_67-60_64_18-default-7-2.1 kgraft-patch-3_12_67-60_64_18-xen-7-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:31:57 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:31:57 +0200 (CEST) Subject: SUSE-SU-2017:1299-1: important: Security update for Linux Kernel Live Patch 13 for SLE 12 Message-ID: <20170515193157.48E3C101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 13 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1299-1 Rating: important References: #1030467 #1030575 #1031660 Cross-References: CVE-2017-7308 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for the Linux Kernel 3.12.55-52_45 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - bsc#1030467: Updated Dirty COW fix. The former patch caused some apps to freeze in rare circumstances Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-782=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-782=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_55-52_45-default-9-2.1 kgraft-patch-3_12_55-52_45-xen-9-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_55-52_45-default-9-2.1 kgraft-patch-3_12_55-52_45-xen-9-2.1 References: https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030467 https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:32:36 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:32:36 +0200 (CEST) Subject: SUSE-SU-2017:1300-1: important: Security update for Linux Kernel Live Patch 15 for SLE 12 Message-ID: <20170515193236.B3BA1101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 15 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1300-1 Rating: important References: #1030467 #1030575 #1031660 Cross-References: CVE-2017-7308 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for the Linux Kernel 3.12.60-52_54 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - bsc#1030467: Updated Dirty COW fix. The former patch caused some apps to freeze in rare circumstances Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-768=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-768=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_54-default-9-2.1 kgraft-patch-3_12_60-52_54-xen-9-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_54-default-9-2.1 kgraft-patch-3_12_60-52_54-xen-9-2.1 References: https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030467 https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 13:33:19 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:33:19 +0200 (CEST) Subject: SUSE-SU-2017:1301-1: important: Security update for the Linux Kernel Message-ID: <20170515193319.3CA0D101C3@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1301-1 Rating: important References: #1005651 #1008374 #1008893 #1013018 #1013070 #1013800 #1013862 #1016489 #1017143 #1018263 #1018446 #1019168 #1020229 #1021256 #1021913 #1022971 #1023014 #1023163 #1023888 #1024508 #1024788 #1024938 #1025235 #1025702 #1026024 #1026260 #1026722 #1026914 #1027066 #1027101 #1027178 #1028415 #1028880 #1029212 #1029770 #1030213 #1030573 #1031003 #1031052 #1031440 #1031579 #1032141 #1033336 #1033771 #1033794 #1033804 #1033816 #1034026 #909486 #911105 #931620 #979021 #982783 #983212 #985561 #988065 #989056 #995542 #999245 Cross-References: CVE-2015-3288 CVE-2015-8970 CVE-2016-10200 CVE-2016-5243 CVE-2017-2671 CVE-2017-5669 CVE-2017-5970 CVE-2017-5986 CVE-2017-6074 CVE-2017-6214 CVE-2017-6348 CVE-2017-6353 CVE-2017-7184 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7616 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-EXTRA SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 18 vulnerabilities and has 41 fixes is now available. Description: The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. Notable new features: - Toleration of newer crypto hardware for z Systems - USB 2.0 Link power management for Haswell-ULT The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579) - CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003) - CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability (bsc#1030573). - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1024938). - CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bsc#1033336). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440) - CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052) - CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213) - CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178) - CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914) - CVE-2015-3288: mm/memory.c in the Linux kernel mishandled anonymous pages, which allowed local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero (bsc#979021). - CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415) - CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212) - CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application (bnc#1027066) - CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722) - CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024) - CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235) - CVE-2015-8970: crypto/algif_skcipher.c in the Linux kernel did not verify that a setkey operation has been performed on an AF_ALG socket an accept system call is processed, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c (bsc#1008374). The following non-security bugs were fixed: - NFSD: do not risk using duplicate owner/file/delegation ids (bsc#1029212). - RAID1: avoid unnecessary spin locks in I/O barrier code (bsc#982783, bsc#1026260). - SUNRPC: Clean up the slot table allocation (bsc#1013862). - SUNRPC: Initalise the struct xprt upon allocation (bsc#1013862). - USB: cdc-acm: fix broken runtime suspend (bsc#1033771). - USB: cdc-acm: fix open and suspend race (bsc#1033771). - USB: cdc-acm: fix potential urb leak and PM imbalance in write (bsc#1033771). - USB: cdc-acm: fix runtime PM for control messages (bsc#1033771). - USB: cdc-acm: fix runtime PM imbalance at shutdown (bsc#1033771). - USB: cdc-acm: fix shutdown and suspend race (bsc#1033771). - USB: cdc-acm: fix write and resume race (bsc#1033771). - USB: cdc-acm: fix write and suspend race (bsc#1033771). - USB: hub: Fix crash after failure to read BOS descriptor - USB: serial: iuu_phoenix: fix NULL-deref at open (bsc#1033794). - USB: serial: kl5kusb105: fix line-state error handling (bsc#1021256). - USB: serial: mos7720: fix NULL-deref at open (bsc#1033816). - USB: serial: mos7720: fix parallel probe (bsc#1033816). - USB: serial: mos7720: fix parport use-after-free on probe errors (bsc#1033816). - USB: serial: mos7720: fix use-after-free on probe errors (bsc#1033816). - USB: serial: mos7840: fix NULL-deref at open (bsc#1034026). - USB: xhci-mem: use passed in GFP flags instead of GFP_KERNEL (bsc#1023014). - Update metadata for serial fixes (bsc#1013070) - Use PF_LESS_THROTTLE in loop device thread (bsc#1027101). - clocksource: Remove "weak" from clocksource_default_clock() declaration (bnc#1013018). - dlm: backport "fix lvb invalidation conditions" (bsc#1005651). - drm/mgag200: Add support for G200e rev 4 (bnc#995542, comment #81) - enic: set skb->hash type properly (bsc#911105). - ext4: fix mballoc breakage with 64k block size (bsc#1013018). - ext4: fix stack memory corruption with 64k block size (bsc#1013018). - ext4: reject inodes with negative size (bsc#1013018). - fuse: initialize fc->release before calling it (bsc#1013018). - i40e/i40evf: Break up xmit_descriptor_count from maybe_stop_tx (bsc#985561). - i40e/i40evf: Fix mixed size frags and linearization (bsc#985561). - i40e/i40evf: Limit TSO to 7 descriptors for payload instead of 8 per packet (bsc#985561). - i40e/i40evf: Rewrite logic for 8 descriptor per packet check (bsc#985561). - i40e: Fix TSO with more than 8 frags per segment issue (bsc#985561). - i40e: Impose a lower limit on gso size (bsc#985561). - i40e: Limit TX descriptor count in cases where frag size is greater than 16K (bsc#985561). - i40e: avoid null pointer dereference (bsc#909486). - jbd: Fix oops in journal_remove_journal_head() (bsc#1017143). - jbd: do not wait (forever) for stale tid caused by wraparound (bsc#1020229). - kABI: mask struct xfs_icdinode change (bsc#1024788). - kabi: Protect xfs_mount and xfs_buftarg (bsc#1024508). - kabi: fix (bsc#1008893). - lockd: use init_utsname for id encoding (bsc#1033804). - lockd: use rpc client's cl_nodename for id encoding (bsc#1033804). - md linear: fix a race between linear_add() and linear_congested() (bsc#1018446). - md/linear: shutup lockdep warnning (bsc#1018446). - mm/mempolicy.c: do not put mempolicy before using its nodemask (bnc#931620). - ocfs2: do not write error flag to user structure we cannot copy from/to (bsc#1013018). - ocfs2: fix crash caused by stale lvb with fsdlm plugin (bsc#1013800). - ocfs2: fix error return code in ocfs2_info_handle_freefrag() (bsc#1013018). - ocfs2: null deref on allocation error (bsc#1013018). - pciback: only check PF if actually dealing with a VF (bsc#999245). - pciback: use pci_physfn() (bsc#999245). - posix-timers: Fix stack info leak in timer_create() (bnc#1013018). - powerpc,cpuidle: Dont toggle CPUIDLE_FLAG_IGNORE while setting smt_snooze_delay (bsc#1023163). - powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971). - powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141). - powerpc/fadump: Update fadump documentation (bsc#1032141). - powerpc/nvram: Fix an incorrect partition merge (bsc#1016489). - powerpc/vdso64: Use double word compare on pointers (bsc#1016489). - rcu: Call out dangers of expedited RCU primitives (bsc#1008893). - rcu: Direct algorithmic SRCU implementation (bsc#1008893). - rcu: Flip ->completed only once per SRCU grace period (bsc#1008893). - rcu: Implement a variant of Peter's SRCU algorithm (bsc#1008893). - rcu: Increment upper bit only for srcu_read_lock() (bsc#1008893). - rcu: Remove fast check path from __synchronize_srcu() (bsc#1008893). - s390/kmsg: add missing kmsg descriptions (bnc#1025702). - s390/vmlogrdr: fix IUCV buffer allocation (bnc#1025702). - s390/zcrypt: Introduce CEX6 toleration - sched/core: Fix TASK_DEAD race in finish_task_switch() (bnc#1013018). - sched/loadavg: Fix loadavg artifacts on fully idle and on fully loaded systems (bnc#1013018). - scsi: zfcp: do not trace pure benign residual HBA responses at default level (bnc#1025702). - scsi: zfcp: fix rport unblock race with LUN recovery (bnc#1025702). - scsi: zfcp: fix use-after-"free" in FC ingress path after TMF (bnc#1025702). - scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send (bnc#1025702). - sfc: reduce severity of PIO buffer alloc failures (bsc#1019168). - tcp: abort orphan sockets stalling on zero window probes (bsc#1021913). - vfs: split generic splice code from i_mutex locking (bsc#1024788). - virtio_scsi: fix memory leak on full queue condition (bsc#1028880). - vmxnet3: segCnt can be 1 for LRO packets (bsc#988065, bsc#1029770). - xen-blkfront: correct maximum segment accounting (bsc#1018263). - xen-blkfront: do not call talk_to_blkback when already connected to blkback. - xen-blkfront: free resources if xlvbd_alloc_gendisk fails. - xfs: Fix lock ordering in splice write (bsc#1024788). - xfs: Make xfs_icdinode->di_dmstate atomic_t (bsc#1024788). - xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1024508). - xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508). - xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056). - xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888). - xfs: kill xfs_itruncate_start (bsc#1024788). - xfs: remove the i_new_size field in struct xfs_inode (bsc#1024788). - xfs: remove the i_size field in struct xfs_inode (bsc#1024788). - xfs: remove xfs_itruncate_data (bsc#1024788). - xfs: replace global xfslogd wq with per-mount wq (bsc#1024508). - xfs: split xfs_itruncate_finish (bsc#1024788). - xfs: split xfs_setattr (bsc#1024788). - xfs: track and serialize in-flight async buffers against unmount (bsc#1024508). - xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-linux-kernel-13105=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-linux-kernel-13105=1 - SUSE Linux Enterprise Server 11-EXTRA: zypper in -t patch slexsp3-linux-kernel-13105=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-linux-kernel-13105=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): kernel-docs-3.0.101-100.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-3.0.101-100.1 kernel-default-base-3.0.101-100.1 kernel-default-devel-3.0.101-100.1 kernel-source-3.0.101-100.1 kernel-syms-3.0.101-100.1 kernel-trace-3.0.101-100.1 kernel-trace-base-3.0.101-100.1 kernel-trace-devel-3.0.101-100.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): kernel-ec2-3.0.101-100.1 kernel-ec2-base-3.0.101-100.1 kernel-ec2-devel-3.0.101-100.1 kernel-xen-3.0.101-100.1 kernel-xen-base-3.0.101-100.1 kernel-xen-devel-3.0.101-100.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64): kernel-bigmem-3.0.101-100.1 kernel-bigmem-base-3.0.101-100.1 kernel-bigmem-devel-3.0.101-100.1 kernel-ppc64-3.0.101-100.1 kernel-ppc64-base-3.0.101-100.1 kernel-ppc64-devel-3.0.101-100.1 - SUSE Linux Enterprise Server 11-SP4 (s390x): kernel-default-man-3.0.101-100.1 - SUSE Linux Enterprise Server 11-SP4 (i586): kernel-pae-3.0.101-100.1 kernel-pae-base-3.0.101-100.1 kernel-pae-devel-3.0.101-100.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.101-100.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64): kernel-xen-extra-3.0.101-100.1 - SUSE Linux Enterprise Server 11-EXTRA (x86_64): kernel-trace-extra-3.0.101-100.1 - SUSE Linux Enterprise Server 11-EXTRA (ppc64): kernel-ppc64-extra-3.0.101-100.1 - SUSE Linux Enterprise Server 11-EXTRA (i586): kernel-pae-extra-3.0.101-100.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-debuginfo-3.0.101-100.1 kernel-default-debugsource-3.0.101-100.1 kernel-trace-debuginfo-3.0.101-100.1 kernel-trace-debugsource-3.0.101-100.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64): kernel-default-devel-debuginfo-3.0.101-100.1 kernel-trace-devel-debuginfo-3.0.101-100.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-100.1 kernel-ec2-debugsource-3.0.101-100.1 kernel-xen-debuginfo-3.0.101-100.1 kernel-xen-debugsource-3.0.101-100.1 kernel-xen-devel-debuginfo-3.0.101-100.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64): kernel-bigmem-debuginfo-3.0.101-100.1 kernel-bigmem-debugsource-3.0.101-100.1 kernel-ppc64-debuginfo-3.0.101-100.1 kernel-ppc64-debugsource-3.0.101-100.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586): kernel-pae-debuginfo-3.0.101-100.1 kernel-pae-debugsource-3.0.101-100.1 kernel-pae-devel-debuginfo-3.0.101-100.1 References: https://www.suse.com/security/cve/CVE-2015-3288.html https://www.suse.com/security/cve/CVE-2015-8970.html https://www.suse.com/security/cve/CVE-2016-10200.html https://www.suse.com/security/cve/CVE-2016-5243.html https://www.suse.com/security/cve/CVE-2017-2671.html https://www.suse.com/security/cve/CVE-2017-5669.html https://www.suse.com/security/cve/CVE-2017-5970.html https://www.suse.com/security/cve/CVE-2017-5986.html https://www.suse.com/security/cve/CVE-2017-6074.html https://www.suse.com/security/cve/CVE-2017-6214.html https://www.suse.com/security/cve/CVE-2017-6348.html https://www.suse.com/security/cve/CVE-2017-6353.html https://www.suse.com/security/cve/CVE-2017-7184.html https://www.suse.com/security/cve/CVE-2017-7187.html https://www.suse.com/security/cve/CVE-2017-7261.html https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://www.suse.com/security/cve/CVE-2017-7616.html https://bugzilla.suse.com/1005651 https://bugzilla.suse.com/1008374 https://bugzilla.suse.com/1008893 https://bugzilla.suse.com/1013018 https://bugzilla.suse.com/1013070 https://bugzilla.suse.com/1013800 https://bugzilla.suse.com/1013862 https://bugzilla.suse.com/1016489 https://bugzilla.suse.com/1017143 https://bugzilla.suse.com/1018263 https://bugzilla.suse.com/1018446 https://bugzilla.suse.com/1019168 https://bugzilla.suse.com/1020229 https://bugzilla.suse.com/1021256 https://bugzilla.suse.com/1021913 https://bugzilla.suse.com/1022971 https://bugzilla.suse.com/1023014 https://bugzilla.suse.com/1023163 https://bugzilla.suse.com/1023888 https://bugzilla.suse.com/1024508 https://bugzilla.suse.com/1024788 https://bugzilla.suse.com/1024938 https://bugzilla.suse.com/1025235 https://bugzilla.suse.com/1025702 https://bugzilla.suse.com/1026024 https://bugzilla.suse.com/1026260 https://bugzilla.suse.com/1026722 https://bugzilla.suse.com/1026914 https://bugzilla.suse.com/1027066 https://bugzilla.suse.com/1027101 https://bugzilla.suse.com/1027178 https://bugzilla.suse.com/1028415 https://bugzilla.suse.com/1028880 https://bugzilla.suse.com/1029212 https://bugzilla.suse.com/1029770 https://bugzilla.suse.com/1030213 https://bugzilla.suse.com/1030573 https://bugzilla.suse.com/1031003 https://bugzilla.suse.com/1031052 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031579 https://bugzilla.suse.com/1032141 https://bugzilla.suse.com/1033336 https://bugzilla.suse.com/1033771 https://bugzilla.suse.com/1033794 https://bugzilla.suse.com/1033804 https://bugzilla.suse.com/1033816 https://bugzilla.suse.com/1034026 https://bugzilla.suse.com/909486 https://bugzilla.suse.com/911105 https://bugzilla.suse.com/931620 https://bugzilla.suse.com/979021 https://bugzilla.suse.com/982783 https://bugzilla.suse.com/983212 https://bugzilla.suse.com/985561 https://bugzilla.suse.com/988065 https://bugzilla.suse.com/989056 https://bugzilla.suse.com/995542 https://bugzilla.suse.com/999245 From sle-security-updates at lists.suse.com Mon May 15 13:45:02 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 15 May 2017 21:45:02 +0200 (CEST) Subject: SUSE-SU-2017:1302-1: important: Security update for Linux Kernel Live Patch 19 for SLE 12 Message-ID: <20170515194502.C825F101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 19 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1302-1 Rating: important References: #1030575 #1031660 Cross-References: CVE-2017-7308 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 3.12.61-52_66 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-764=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-764=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_61-52_66-default-4-2.1 kgraft-patch-3_12_61-52_66-xen-4-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_61-52_66-default-4-2.1 kgraft-patch-3_12_61-52_66-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Mon May 15 16:08:56 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 16 May 2017 00:08:56 +0200 (CEST) Subject: SUSE-SU-2017:1303-1: important: Security update for Linux Kernel Live Patch 0 for SLE 12 SP2 Message-ID: <20170515220856.BD1FD101C3@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 0 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1303-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 4.4.21-69 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-784=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-69-default-6-17.2 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Tue May 16 10:11:17 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 16 May 2017 18:11:17 +0200 (CEST) Subject: SUSE-SU-2017:1305-1: moderate: Security update for Botan Message-ID: <20170516161117.37046101C4@maintenance.suse.de> SUSE Security Update: Security update for Botan ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1305-1 Rating: moderate References: #1013209 #968030 Cross-References: CVE-2015-7827 CVE-2016-9132 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for Botan fixes the following issues: - CVE-2015-7827: PKCS #1 v1.5 decoding was not constant time, it could be used to mount a Bleichenbacher million-message attack (bsc#968030) - CVE-2016-9132: While decoding BER length fields, an integer overflow could occur leading to a denial-of-service (bsc#1013209) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-Botan-13106=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-Botan-13106=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libbotan-devel-1.6.5-4.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): Botan-debuginfo-1.6.5-4.1 Botan-debugsource-1.6.5-4.1 References: https://www.suse.com/security/cve/CVE-2015-7827.html https://www.suse.com/security/cve/CVE-2016-9132.html https://bugzilla.suse.com/1013209 https://bugzilla.suse.com/968030 From sle-security-updates at lists.suse.com Tue May 16 10:11:54 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 16 May 2017 18:11:54 +0200 (CEST) Subject: SUSE-SU-2017:1306-1: important: Security update for libtirpc Message-ID: <20170516161154.C709C101C5@maintenance.suse.de> SUSE Security Update: Security update for libtirpc ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1306-1 Rating: important References: #1037559 Cross-References: CVE-2017-8779 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libtirpc fixes the following issues: - CVE-2017-8779: crafted UDP packaged could lead rpcbind to denial-of-service (bsc#1037559) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-788=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-788=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-788=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libtirpc-debugsource-0.2.3-13.3.1 libtirpc-devel-0.2.3-13.3.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libtirpc-debugsource-0.2.3-13.3.1 libtirpc1-0.2.3-13.3.1 libtirpc1-debuginfo-0.2.3-13.3.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libtirpc1-32bit-0.2.3-13.3.1 libtirpc1-debuginfo-32bit-0.2.3-13.3.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libtirpc-debugsource-0.2.3-13.3.1 libtirpc1-0.2.3-13.3.1 libtirpc1-32bit-0.2.3-13.3.1 libtirpc1-debuginfo-0.2.3-13.3.1 libtirpc1-debuginfo-32bit-0.2.3-13.3.1 References: https://www.suse.com/security/cve/CVE-2017-8779.html https://bugzilla.suse.com/1037559 From sle-security-updates at lists.suse.com Tue May 16 10:13:16 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 16 May 2017 18:13:16 +0200 (CEST) Subject: SUSE-SU-2017:1308-1: important: Security update for Linux Kernel Live Patch 6 for SLE 12 SP2 Message-ID: <20170516161316.90F80101C4@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 6 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1308-1 Rating: important References: #1030575 #1031440 #1031481 #1031660 Cross-References: CVE-2017-7294 CVE-2017-7308 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for the Linux Kernel 4.4.49-92_14 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-786=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_49-92_14-default-2-2.1 References: https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 From sle-security-updates at lists.suse.com Tue May 16 13:09:26 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 16 May 2017 21:09:26 +0200 (CEST) Subject: SUSE-SU-2017:1311-1: important: Security update for mariadb Message-ID: <20170516190926.733E5101C7@maintenance.suse.de> SUSE Security Update: Security update for mariadb ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1311-1 Rating: important References: #1020890 #1020976 #1022428 #1034911 Cross-References: CVE-2017-3302 CVE-2017-3313 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for mariadb fixes the following issues: - update to MariaDB 10.0.30 GA * notable changes: * XtraDB updated to 5.6.35-80.0 * TokuDB updated to 5.6.35-80.0 * PCRE updated to 8.40 * MDEV-11027: better InnoDB crash recovery progress reporting * MDEV-11520: improvements to how InnoDB data files are extended * Improvements to InnoDB startup/shutdown to make it more robust * MDEV-11233: fix for FULLTEXT index crash * MDEV-6143: MariaDB Linux binary tarballs will now always untar to directories that match their filename * release notes and changelog: * https://kb.askmonty.org/en/mariadb-10030-release-notes * https://kb.askmonty.org/en/mariadb-10030-changelog * fixes the following CVEs: CVE-2017-3313: unspecified vulnerability affecting the MyISAM component [bsc#1020890] CVE-2017-3302: Use after free in libmysqlclient.so [bsc#1022428] - set the default umask to 077 in rc.mysql-multi [bsc#1020976] - [bsc#1034911] - tracker bug - increase build disk size from 10 GB to 13 GB in order to fix build for aarch64 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-792=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-792=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): libmysqlclient-devel-10.0.30-20.26.1 libmysqlclient18-10.0.30-20.26.1 libmysqlclient18-32bit-10.0.30-20.26.1 libmysqlclient18-debuginfo-10.0.30-20.26.1 libmysqlclient18-debuginfo-32bit-10.0.30-20.26.1 libmysqlclient_r18-10.0.30-20.26.1 libmysqld-devel-10.0.30-20.26.1 libmysqld18-10.0.30-20.26.1 libmysqld18-debuginfo-10.0.30-20.26.1 mariadb-10.0.30-20.26.1 mariadb-client-10.0.30-20.26.1 mariadb-client-debuginfo-10.0.30-20.26.1 mariadb-debuginfo-10.0.30-20.26.1 mariadb-debugsource-10.0.30-20.26.1 mariadb-errormessages-10.0.30-20.26.1 mariadb-tools-10.0.30-20.26.1 mariadb-tools-debuginfo-10.0.30-20.26.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): libmysqlclient-devel-10.0.30-20.26.1 libmysqlclient18-10.0.30-20.26.1 libmysqlclient18-32bit-10.0.30-20.26.1 libmysqlclient18-debuginfo-10.0.30-20.26.1 libmysqlclient18-debuginfo-32bit-10.0.30-20.26.1 libmysqlclient_r18-10.0.30-20.26.1 libmysqld-devel-10.0.30-20.26.1 libmysqld18-10.0.30-20.26.1 libmysqld18-debuginfo-10.0.30-20.26.1 mariadb-10.0.30-20.26.1 mariadb-client-10.0.30-20.26.1 mariadb-client-debuginfo-10.0.30-20.26.1 mariadb-debuginfo-10.0.30-20.26.1 mariadb-debugsource-10.0.30-20.26.1 mariadb-errormessages-10.0.30-20.26.1 mariadb-tools-10.0.30-20.26.1 mariadb-tools-debuginfo-10.0.30-20.26.1 References: https://www.suse.com/security/cve/CVE-2017-3302.html https://www.suse.com/security/cve/CVE-2017-3313.html https://bugzilla.suse.com/1020890 https://bugzilla.suse.com/1020976 https://bugzilla.suse.com/1022428 https://bugzilla.suse.com/1034911 From sle-security-updates at lists.suse.com Tue May 16 13:12:50 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 16 May 2017 21:12:50 +0200 (CEST) Subject: SUSE-SU-2017:1313-1: moderate: Security update for libxslt Message-ID: <20170516191250.B750A101C7@maintenance.suse.de> SUSE Security Update: Security update for libxslt ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1313-1 Rating: moderate References: #1005591 #1035905 #934119 #952474 Cross-References: CVE-2015-7995 CVE-2015-9019 CVE-2016-4738 CVE-2017-5029 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for libxslt fixes the following issues: - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page (bsc#1035905). - CVE-2016-4738: Fix heap overread in xsltFormatNumberConversion: An empty decimal-separator could cause a heap overread. This can be exploited to leak a couple of bytes after the buffer that holds the pattern string (bsc#1005591). - CVE-2015-9019: Properly initialize random generator (bsc#934119). - CVE-2015-7995: Vulnerability in function xsltStylePreCompute" in preproc.c could cause a type confusion leading to DoS. (bsc#952474) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-793=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-793=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-793=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-793=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-793=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-793=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-793=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libxslt-debugsource-1.1.28-16.1 libxslt-devel-1.1.28-16.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libxslt-debugsource-1.1.28-16.1 libxslt-devel-1.1.28-16.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libxslt-debugsource-1.1.28-16.1 libxslt-tools-1.1.28-16.1 libxslt-tools-debuginfo-1.1.28-16.1 libxslt1-1.1.28-16.1 libxslt1-debuginfo-1.1.28-16.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libxslt-debugsource-1.1.28-16.1 libxslt-tools-1.1.28-16.1 libxslt-tools-debuginfo-1.1.28-16.1 libxslt1-1.1.28-16.1 libxslt1-debuginfo-1.1.28-16.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libxslt1-32bit-1.1.28-16.1 libxslt1-debuginfo-32bit-1.1.28-16.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libxslt-debugsource-1.1.28-16.1 libxslt-tools-1.1.28-16.1 libxslt-tools-debuginfo-1.1.28-16.1 libxslt1-1.1.28-16.1 libxslt1-debuginfo-1.1.28-16.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libxslt1-32bit-1.1.28-16.1 libxslt1-debuginfo-32bit-1.1.28-16.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libxslt-debugsource-1.1.28-16.1 libxslt-tools-1.1.28-16.1 libxslt-tools-debuginfo-1.1.28-16.1 libxslt1-1.1.28-16.1 libxslt1-32bit-1.1.28-16.1 libxslt1-debuginfo-1.1.28-16.1 libxslt1-debuginfo-32bit-1.1.28-16.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libxslt-debugsource-1.1.28-16.1 libxslt-tools-1.1.28-16.1 libxslt-tools-debuginfo-1.1.28-16.1 libxslt1-1.1.28-16.1 libxslt1-32bit-1.1.28-16.1 libxslt1-debuginfo-1.1.28-16.1 libxslt1-debuginfo-32bit-1.1.28-16.1 References: https://www.suse.com/security/cve/CVE-2015-7995.html https://www.suse.com/security/cve/CVE-2015-9019.html https://www.suse.com/security/cve/CVE-2016-4738.html https://www.suse.com/security/cve/CVE-2017-5029.html https://bugzilla.suse.com/1005591 https://bugzilla.suse.com/1035905 https://bugzilla.suse.com/934119 https://bugzilla.suse.com/952474 From sle-security-updates at lists.suse.com Tue May 16 13:13:41 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 16 May 2017 21:13:41 +0200 (CEST) Subject: SUSE-SU-2017:1314-1: important: Security update for libtirpc Message-ID: <20170516191341.0566F101C4@maintenance.suse.de> SUSE Security Update: Security update for libtirpc ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1314-1 Rating: important References: #1037559 Cross-References: CVE-2017-8779 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libtirpc fixes the following issues: - CVE-2017-8779: crafted UDP packaged could lead rpcbind to denial-of-service (bsc#1037559) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-796=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-796=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-796=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-796=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libtirpc-debugsource-1.0.1-16.1 libtirpc-devel-1.0.1-16.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libtirpc-debugsource-1.0.1-16.1 libtirpc-netconfig-1.0.1-16.1 libtirpc3-1.0.1-16.1 libtirpc3-debuginfo-1.0.1-16.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libtirpc-debugsource-1.0.1-16.1 libtirpc-netconfig-1.0.1-16.1 libtirpc3-1.0.1-16.1 libtirpc3-debuginfo-1.0.1-16.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libtirpc3-32bit-1.0.1-16.1 libtirpc3-debuginfo-32bit-1.0.1-16.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libtirpc-debugsource-1.0.1-16.1 libtirpc-netconfig-1.0.1-16.1 libtirpc3-1.0.1-16.1 libtirpc3-32bit-1.0.1-16.1 libtirpc3-debuginfo-1.0.1-16.1 libtirpc3-debuginfo-32bit-1.0.1-16.1 References: https://www.suse.com/security/cve/CVE-2017-8779.html https://bugzilla.suse.com/1037559 From sle-security-updates at lists.suse.com Tue May 16 13:14:06 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 16 May 2017 21:14:06 +0200 (CEST) Subject: SUSE-SU-2017:1315-1: important: Security update for mariadb Message-ID: <20170516191406.A0DE1101C4@maintenance.suse.de> SUSE Security Update: Security update for mariadb ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1315-1 Rating: important References: #1020868 #1020890 #1020976 #1022428 #1034911 #996821 Cross-References: CVE-2017-3302 CVE-2017-3313 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves two vulnerabilities and has four fixes is now available. Description: This update for mariadb fixes the following issues: - update to MariaDB 10.0.30 GA * notable changes: * XtraDB updated to 5.6.35-80.0 * TokuDB updated to 5.6.35-80.0 * PCRE updated to 8.40 * MDEV-11027: better InnoDB crash recovery progress reporting * MDEV-11520: improvements to how InnoDB data files are extended * Improvements to InnoDB startup/shutdown to make it more robust * MDEV-11233: fix for FULLTEXT index crash * MDEV-6143: MariaDB Linux binary tarballs will now always untar to directories that match their filename * release notes and changelog: * https://kb.askmonty.org/en/mariadb-10030-release-notes * https://kb.askmonty.org/en/mariadb-10030-changelog * fixes the following CVEs: CVE-2017-3313: unspecified vulnerability affecting the MyISAM component [bsc#1020890] CVE-2017-3302: Use after free in libmysqlclient.so [bsc#1022428] - set the default umask to 077 in mysql-systemd-helper [bsc#1020976] - [bsc#1034911] - tracker bug * fixes also [bsc#1020868] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-795=1 - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-795=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-795=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-795=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-795=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-795=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-795=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-795=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-795=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): libmysqlclient_r18-10.0.30-25.1 libmysqlclient_r18-32bit-10.0.30-25.1 mariadb-debuginfo-10.0.30-25.1 mariadb-debugsource-10.0.30-25.1 - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): libmysqlclient_r18-10.0.30-25.1 libmysqlclient_r18-32bit-10.0.30-25.1 mariadb-debuginfo-10.0.30-25.1 mariadb-debugsource-10.0.30-25.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libmysqlclient-devel-10.0.30-25.1 libmysqlclient_r18-10.0.30-25.1 libmysqld-devel-10.0.30-25.1 libmysqld18-10.0.30-25.1 libmysqld18-debuginfo-10.0.30-25.1 mariadb-debuginfo-10.0.30-25.1 mariadb-debugsource-10.0.30-25.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libmysqlclient-devel-10.0.30-25.1 libmysqlclient_r18-10.0.30-25.1 libmysqld-devel-10.0.30-25.1 libmysqld18-10.0.30-25.1 libmysqld18-debuginfo-10.0.30-25.1 mariadb-debuginfo-10.0.30-25.1 mariadb-debugsource-10.0.30-25.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libmysqlclient18-10.0.30-25.1 libmysqlclient18-debuginfo-10.0.30-25.1 mariadb-10.0.30-25.1 mariadb-client-10.0.30-25.1 mariadb-client-debuginfo-10.0.30-25.1 mariadb-debuginfo-10.0.30-25.1 mariadb-debugsource-10.0.30-25.1 mariadb-errormessages-10.0.30-25.1 mariadb-tools-10.0.30-25.1 mariadb-tools-debuginfo-10.0.30-25.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libmysqlclient18-10.0.30-25.1 libmysqlclient18-debuginfo-10.0.30-25.1 mariadb-10.0.30-25.1 mariadb-client-10.0.30-25.1 mariadb-client-debuginfo-10.0.30-25.1 mariadb-debuginfo-10.0.30-25.1 mariadb-debugsource-10.0.30-25.1 mariadb-errormessages-10.0.30-25.1 mariadb-tools-10.0.30-25.1 mariadb-tools-debuginfo-10.0.30-25.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libmysqlclient18-32bit-10.0.30-25.1 libmysqlclient18-debuginfo-32bit-10.0.30-25.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libmysqlclient18-10.0.30-25.1 libmysqlclient18-debuginfo-10.0.30-25.1 mariadb-10.0.30-25.1 mariadb-client-10.0.30-25.1 mariadb-client-debuginfo-10.0.30-25.1 mariadb-debuginfo-10.0.30-25.1 mariadb-debugsource-10.0.30-25.1 mariadb-errormessages-10.0.30-25.1 mariadb-tools-10.0.30-25.1 mariadb-tools-debuginfo-10.0.30-25.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libmysqlclient18-32bit-10.0.30-25.1 libmysqlclient18-debuginfo-32bit-10.0.30-25.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libmysqlclient18-10.0.30-25.1 libmysqlclient18-32bit-10.0.30-25.1 libmysqlclient18-debuginfo-10.0.30-25.1 libmysqlclient18-debuginfo-32bit-10.0.30-25.1 libmysqlclient_r18-10.0.30-25.1 libmysqlclient_r18-32bit-10.0.30-25.1 mariadb-10.0.30-25.1 mariadb-client-10.0.30-25.1 mariadb-client-debuginfo-10.0.30-25.1 mariadb-debuginfo-10.0.30-25.1 mariadb-debugsource-10.0.30-25.1 mariadb-errormessages-10.0.30-25.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libmysqlclient18-10.0.30-25.1 libmysqlclient18-32bit-10.0.30-25.1 libmysqlclient18-debuginfo-10.0.30-25.1 libmysqlclient18-debuginfo-32bit-10.0.30-25.1 libmysqlclient_r18-10.0.30-25.1 libmysqlclient_r18-32bit-10.0.30-25.1 mariadb-10.0.30-25.1 mariadb-client-10.0.30-25.1 mariadb-client-debuginfo-10.0.30-25.1 mariadb-debuginfo-10.0.30-25.1 mariadb-debugsource-10.0.30-25.1 mariadb-errormessages-10.0.30-25.1 References: https://www.suse.com/security/cve/CVE-2017-3302.html https://www.suse.com/security/cve/CVE-2017-3313.html https://bugzilla.suse.com/1020868 https://bugzilla.suse.com/1020890 https://bugzilla.suse.com/1020976 https://bugzilla.suse.com/1022428 https://bugzilla.suse.com/1034911 https://bugzilla.suse.com/996821 From sle-security-updates at lists.suse.com Tue May 16 13:15:06 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 16 May 2017 21:15:06 +0200 (CEST) Subject: SUSE-SU-2017:1316-1: moderate: Security update for rubygem-passenger Message-ID: <20170516191506.357C0101C4@maintenance.suse.de> SUSE Security Update: Security update for rubygem-passenger ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1316-1 Rating: moderate References: #1034594 Cross-References: CVE-2016-10345 Affected Products: SUSE Webyast 1.3 SUSE Studio Onsite 1.3 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for rubygem-passenger fixes this security issue: - CVE-2016-10345: A known /tmp filename was used during passenger-install-nginx-module execution, which could have allowed local attackers to gain the privileges of the passenger user (bsc#1034594). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Webyast 1.3: zypper in -t patch slewyst13-rubygem-passenger-13107=1 - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-rubygem-passenger-13107=1 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-rubygem-passenger-13107=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Webyast 1.3 (i586 ia64 ppc64 s390x x86_64): rubygem-passenger-3.0.14-0.17.1 rubygem-passenger-nginx-3.0.14-0.17.1 - SUSE Studio Onsite 1.3 (x86_64): rubygem-passenger-3.0.14-0.17.1 rubygem-passenger-nginx-3.0.14-0.17.1 - SUSE Lifecycle Management Server 1.3 (x86_64): rubygem-passenger-3.0.14-0.17.1 rubygem-passenger-apache2-3.0.14-0.17.1 rubygem-passenger-nginx-3.0.14-0.17.1 References: https://www.suse.com/security/cve/CVE-2016-10345.html https://bugzilla.suse.com/1034594 From sle-security-updates at lists.suse.com Tue May 16 13:15:41 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 16 May 2017 21:15:41 +0200 (CEST) Subject: SUSE-SU-2017:1317-1: moderate: Security update for bash Message-ID: <20170516191541.75D8C101C7@maintenance.suse.de> SUSE Security Update: Security update for bash ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1317-1 Rating: moderate References: #1010845 #1035371 Cross-References: CVE-2016-9401 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for bash fixes an issue that could lead to syntax errors when parsing scripts that use expr(1) inside loops. Additionally, the popd build-in now ensures that the normalized stack offset is within bounds before trying to free that stack entry. This fixes a segmentation fault. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-794=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-794=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-794=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-794=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-794=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-794=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (noarch): bash-lang-4.3-82.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): bash-debuginfo-4.3-82.1 bash-debugsource-4.3-82.1 bash-devel-4.3-82.1 readline-devel-6.3-82.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): bash-4.3-82.1 bash-debuginfo-4.3-82.1 bash-debugsource-4.3-82.1 libreadline6-6.3-82.1 libreadline6-debuginfo-6.3-82.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): bash-doc-4.3-82.1 readline-doc-6.3-82.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): bash-4.3-82.1 bash-debuginfo-4.3-82.1 bash-debugsource-4.3-82.1 libreadline6-6.3-82.1 libreadline6-debuginfo-6.3-82.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): bash-doc-4.3-82.1 readline-doc-6.3-82.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libreadline6-32bit-6.3-82.1 libreadline6-debuginfo-32bit-6.3-82.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): bash-4.3-82.1 bash-debuginfo-4.3-82.1 bash-debugsource-4.3-82.1 libreadline6-32bit-6.3-82.1 libreadline6-6.3-82.1 libreadline6-debuginfo-32bit-6.3-82.1 libreadline6-debuginfo-6.3-82.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): bash-doc-4.3-82.1 bash-lang-4.3-82.1 readline-doc-6.3-82.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): bash-4.3-82.1 bash-debuginfo-4.3-82.1 bash-debugsource-4.3-82.1 libreadline6-6.3-82.1 libreadline6-debuginfo-6.3-82.1 References: https://www.suse.com/security/cve/CVE-2016-9401.html https://bugzilla.suse.com/1010845 https://bugzilla.suse.com/1035371 From sle-security-updates at lists.suse.com Wed May 17 04:09:27 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 17 May 2017 12:09:27 +0200 (CEST) Subject: SUSE-SU-2017:1322-1: important: Security update for ghostscript-library Message-ID: <20170517100928.00137101C7@maintenance.suse.de> SUSE Security Update: Security update for ghostscript-library ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1322-1 Rating: important References: #1036453 Cross-References: CVE-2017-8291 Affected Products: SUSE OpenStack Cloud 5 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ghostscript fixes the following security vulnerability: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. (bsc#1036453) This update is a reissue including the SUSE Linux Enterprise 11 SP3 product. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-ghostscript-library-13109=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-ghostscript-library-13109=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ghostscript-library-13109=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-ghostscript-library-13109=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-ghostscript-library-13109=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ghostscript-library-13109=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-ghostscript-library-13109=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): ghostscript-fonts-other-8.62-32.46.1 ghostscript-fonts-rus-8.62-32.46.1 ghostscript-fonts-std-8.62-32.46.1 ghostscript-library-8.62-32.46.1 ghostscript-omni-8.62-32.46.1 ghostscript-x11-8.62-32.46.1 libgimpprint-4.2.7-32.46.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): ghostscript-devel-8.62-32.46.1 ghostscript-ijs-devel-8.62-32.46.1 libgimpprint-devel-4.2.7-32.46.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ghostscript-fonts-other-8.62-32.46.1 ghostscript-fonts-rus-8.62-32.46.1 ghostscript-fonts-std-8.62-32.46.1 ghostscript-library-8.62-32.46.1 ghostscript-omni-8.62-32.46.1 ghostscript-x11-8.62-32.46.1 libgimpprint-4.2.7-32.46.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): ghostscript-fonts-other-8.62-32.46.1 ghostscript-fonts-rus-8.62-32.46.1 ghostscript-fonts-std-8.62-32.46.1 ghostscript-library-8.62-32.46.1 ghostscript-omni-8.62-32.46.1 ghostscript-x11-8.62-32.46.1 libgimpprint-4.2.7-32.46.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): ghostscript-fonts-other-8.62-32.46.1 ghostscript-fonts-rus-8.62-32.46.1 ghostscript-fonts-std-8.62-32.46.1 ghostscript-library-8.62-32.46.1 ghostscript-omni-8.62-32.46.1 ghostscript-x11-8.62-32.46.1 libgimpprint-4.2.7-32.46.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ghostscript-library-debuginfo-8.62-32.46.1 ghostscript-library-debugsource-8.62-32.46.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): ghostscript-library-debuginfo-8.62-32.46.1 ghostscript-library-debugsource-8.62-32.46.1 References: https://www.suse.com/security/cve/CVE-2017-8291.html https://bugzilla.suse.com/1036453 From sle-security-updates at lists.suse.com Thu May 18 10:09:50 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 18 May 2017 18:09:50 +0200 (CEST) Subject: SUSE-SU-2017:1328-1: important: Security update for rpcbind Message-ID: <20170518160950.91DC7101C8@maintenance.suse.de> SUSE Security Update: Security update for rpcbind ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1328-1 Rating: important References: #1037559 Cross-References: CVE-2017-8779 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for rpcbind fixes the following issues: - CVE-2017-8779: A crafted UDP package could lead rcpbind to remote denial-of-service (bsc#1037559) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-803=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-803=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-803=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): rpcbind-0.2.3-23.1 rpcbind-debuginfo-0.2.3-23.1 rpcbind-debugsource-0.2.3-23.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): rpcbind-0.2.3-23.1 rpcbind-debuginfo-0.2.3-23.1 rpcbind-debugsource-0.2.3-23.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): rpcbind-0.2.3-23.1 rpcbind-debuginfo-0.2.3-23.1 rpcbind-debugsource-0.2.3-23.1 References: https://www.suse.com/security/cve/CVE-2017-8779.html https://bugzilla.suse.com/1037559 From sle-security-updates at lists.suse.com Thu May 18 10:23:42 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 18 May 2017 18:23:42 +0200 (CEST) Subject: SUSE-SU-2017:1335-1: important: Security update for kdelibs4 Message-ID: <20170518162342.D04A6101C8@maintenance.suse.de> SUSE Security Update: Security update for kdelibs4 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1335-1 Rating: important References: #1036244 Cross-References: CVE-2017-8422 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kdelibs4 fixes the following issues: - CVE-2017-8422: This update fixes problem in the DBUS authentication of the kauth framework that could be used to escalate privileges depending on bugs or misimplemented dbus services. (boo#1036244) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-805=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-805=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-805=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-805=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-805=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): kdelibs4-debuginfo-4.12.0-10.1 kdelibs4-debugsource-4.12.0-10.1 libkde4-4.12.0-10.1 libkde4-debuginfo-4.12.0-10.1 libkdecore4-4.12.0-10.1 libkdecore4-debuginfo-4.12.0-10.1 libksuseinstall1-4.12.0-10.1 libksuseinstall1-debuginfo-4.12.0-10.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): kdelibs4-debuginfo-4.12.0-10.1 kdelibs4-debugsource-4.12.0-10.1 libkde4-4.12.0-10.1 libkde4-debuginfo-4.12.0-10.1 libkdecore4-4.12.0-10.1 libkdecore4-debuginfo-4.12.0-10.1 libksuseinstall1-4.12.0-10.1 libksuseinstall1-debuginfo-4.12.0-10.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libkde4-32bit-4.12.0-10.1 libkde4-debuginfo-32bit-4.12.0-10.1 libkdecore4-32bit-4.12.0-10.1 libkdecore4-debuginfo-32bit-4.12.0-10.1 libksuseinstall1-32bit-4.12.0-10.1 libksuseinstall1-debuginfo-32bit-4.12.0-10.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): kdelibs4-debuginfo-4.12.0-10.1 kdelibs4-debugsource-4.12.0-10.1 libkde4-4.12.0-10.1 libkde4-debuginfo-4.12.0-10.1 libkdecore4-4.12.0-10.1 libkdecore4-debuginfo-4.12.0-10.1 libksuseinstall1-4.12.0-10.1 libksuseinstall1-debuginfo-4.12.0-10.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libkde4-32bit-4.12.0-10.1 libkde4-debuginfo-32bit-4.12.0-10.1 libkdecore4-32bit-4.12.0-10.1 libkdecore4-debuginfo-32bit-4.12.0-10.1 libksuseinstall1-32bit-4.12.0-10.1 libksuseinstall1-debuginfo-32bit-4.12.0-10.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): kdelibs4-debuginfo-4.12.0-10.1 kdelibs4-debugsource-4.12.0-10.1 libkde4-32bit-4.12.0-10.1 libkde4-4.12.0-10.1 libkde4-debuginfo-32bit-4.12.0-10.1 libkde4-debuginfo-4.12.0-10.1 libkdecore4-32bit-4.12.0-10.1 libkdecore4-4.12.0-10.1 libkdecore4-debuginfo-32bit-4.12.0-10.1 libkdecore4-debuginfo-4.12.0-10.1 libksuseinstall1-32bit-4.12.0-10.1 libksuseinstall1-4.12.0-10.1 libksuseinstall1-debuginfo-32bit-4.12.0-10.1 libksuseinstall1-debuginfo-4.12.0-10.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): kdelibs4-debuginfo-4.12.0-10.1 kdelibs4-debugsource-4.12.0-10.1 libkde4-32bit-4.12.0-10.1 libkde4-4.12.0-10.1 libkde4-debuginfo-32bit-4.12.0-10.1 libkde4-debuginfo-4.12.0-10.1 libkdecore4-32bit-4.12.0-10.1 libkdecore4-4.12.0-10.1 libkdecore4-debuginfo-32bit-4.12.0-10.1 libkdecore4-debuginfo-4.12.0-10.1 libksuseinstall1-32bit-4.12.0-10.1 libksuseinstall1-4.12.0-10.1 libksuseinstall1-debuginfo-32bit-4.12.0-10.1 libksuseinstall1-debuginfo-4.12.0-10.1 References: https://www.suse.com/security/cve/CVE-2017-8422.html https://bugzilla.suse.com/1036244 From sle-security-updates at lists.suse.com Thu May 18 10:24:09 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 18 May 2017 18:24:09 +0200 (CEST) Subject: SUSE-SU-2017:1336-1: important: Security update for rpcbind Message-ID: <20170518162409.1469A101C5@maintenance.suse.de> SUSE Security Update: Security update for rpcbind ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1336-1 Rating: important References: #1037559 Cross-References: CVE-2017-8779 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for rpcbind fixes the following issues: - CVE-2017-8779: A crafted UDP package could lead rcpbind to remote denial-of-service (bsc#1037559) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-804=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-804=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): rpcbind-0.2.1_rc4-17.3.1 rpcbind-debuginfo-0.2.1_rc4-17.3.1 rpcbind-debugsource-0.2.1_rc4-17.3.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): rpcbind-0.2.1_rc4-17.3.1 rpcbind-debuginfo-0.2.1_rc4-17.3.1 rpcbind-debugsource-0.2.1_rc4-17.3.1 References: https://www.suse.com/security/cve/CVE-2017-8779.html https://bugzilla.suse.com/1037559 From sle-security-updates at lists.suse.com Thu May 18 10:24:41 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 18 May 2017 18:24:41 +0200 (CEST) Subject: SUSE-SU-2017:1337-1: Security update for bash Message-ID: <20170518162441.1A082101C8@maintenance.suse.de> SUSE Security Update: Security update for bash ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1337-1 Rating: low References: #1010845 #1031729 #976776 Cross-References: CVE-2016-9401 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for bash fixed several issues This security issue was fixed: - CVE-2016-9401: popd in bash might allowed local users to bypass the restricted shell and cause a use-after-free via a crafted address (bsc#1010845). This non-security issue was fixed: - Fix when HISTSIZE=0 and chattr +a .bash_history (bsc#1031729) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-bash-13111=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-bash-13111=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-bash-13111=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): readline-devel-5.2-147.35.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): readline-devel-32bit-5.2-147.35.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): libreadline5-5.2-147.35.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): bash-3.2-147.35.1 bash-doc-3.2-147.35.1 libreadline5-5.2-147.35.1 readline-doc-5.2-147.35.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libreadline5-32bit-5.2-147.35.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): bash-x86-3.2-147.35.1 libreadline5-x86-5.2-147.35.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): bash-debuginfo-3.2-147.35.1 bash-debugsource-3.2-147.35.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): bash-debuginfo-x86-3.2-147.35.1 References: https://www.suse.com/security/cve/CVE-2016-9401.html https://bugzilla.suse.com/1010845 https://bugzilla.suse.com/1031729 https://bugzilla.suse.com/976776 From sle-security-updates at lists.suse.com Thu May 18 22:11:55 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 19 May 2017 06:11:55 +0200 (CEST) Subject: SUSE-SU-2017:1346-1: moderate: Security update for SUSE Manager Proxy 3.0 Message-ID: <20170519041155.EF98C101C6@maintenance.suse.de> SUSE Security Update: Security update for SUSE Manager Proxy 3.0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1346-1 Rating: moderate References: #1017422 #1017754 #1020904 #1023233 #1024714 #1025312 #1025758 #1026633 #1027873 #1029755 #1030342 #1031338 #1031659 #1031667 #1032256 #1033383 #1034956 Cross-References: CVE-2017-7470 Affected Products: SUSE Manager Proxy 3.0 ______________________________________________________________________________ An update that solves one vulnerability and has 16 fixes is now available. Description: The following security issue in spacewalk-backend has been fixed: - Non admin or disabled user cannot make changes to a system anymore using spacewalk-channel. (bsc#1026633, CVE-2017-7470) Additionally, the following non-security issues have been fixed: rhnlib: - Support all TLS versions in rpclib. (bsc#1025312) spacewalk-backend: - Do not fail with traceback when media.1 does not exist. (bsc#1032256) - Create scap files dir beforehand. (bsc#1029755) - Fix error if SPACEWALK_DEBUG_NO_REPORTS env variable is not present. - Don't skip 'rhnErrataPackage' cleanup during an errata update. (bsc#1023233) - Add support for running spacewalk-debug without creating reports. (bsc#1024714) - Set scap store dir mod to 775 and group owner to susemanager. - Incomplete_package_import: do import rhnPackageFile as it breaks some package installations. - Added traceback printing to the exception block. - Change postgresql starting commands. spacewalk-certs-tools: - Always restart the minion regardless of its current state. (bsc#1034956) - Correctly honor disabling of SSL in bootstrap script. (bsc#1033383) - Add curl dependency and move mgr-proxy-ssh* to spacewalk-proxy package. - Exit for non-traditional bootstrap scripts. (bsc#1020904) - Rename mgr-ssh-proxy-force-cmd -> mgr-proxy-ssh-force-cmd. - Add mgr-proxy-ssh-force-cmd, mgr-proxy-ssh-push-init to rpm. - Add option to configure only sshd. - Restrictive ssh options for user mgrsshtunnel. spacewalk-client-tools: - Fix reboot message to use correct product name. (bsc#1031667) spacewalk-proxy: - Add curl dependency and move mgr-proxy-ssh* to spacewalk-proxy package. - Lower the use-file-instead-of-memory treshold. (bsc#1030342) spacewalk-proxy-installer: - Do not start firewall on proxy during configuration if not already active. (bsc#1031338) - Salt minions get repodata via a different URL; reflect by additional squid rule. (bsc#1027873) - Only warn if parent ssh-push pub key could not be retrieved. - Generate and auth ssh push keys for user mgrsshtunnel. - Authorize parent salt-ssh key on proxy. - Generate proxy ssh-push key and authorize the previous proxy in the chain. - Generate own ssh-push key for proxy and authorize parent. spacewalk-web: - Remote Commands: Allow Web Socket to be opened on non-standard port. - Improve remote cmd ui err handling. - Show message when waiting for ssh minions times out. - Fix remote cmd ui js err and timed out message. - Remote cmd UI changes for salt-ssh minions. - Fix broken help link for taskstatus. (bsc#1017422) - Add js utility function to create Date objects in different timezones. - Show proxy path in bootstrap UI. - Clear proxy selection when clicking clear fields button. - Check if proxy hostname is FQDN not name in UI. - Show warn in bootstrap UI if proxy hostname is not a FQDN. susemanager-sls: - Add certificate state for CAASP. - Add certificate state for SLES for SAP. (bsc#1031659) - Pre-create empty top.sls with no-op. (bsc#1017754) - Add xccdf result xslt. - Fix mainframesysinfo module to use /proc/sysinfo on SLES11. (bsc#1025758) - Set scap store dir mod to 775 and group owner to susemanager. - Store uploaded scap files. - Set minion own key owner to bootstrap ssh_push_sudo_user. - Runner to generate ssh key and execute cmd via proxies. - Change ssh bootstrap state to generate and auth keys for salt-ssh push with tunnel. - Authorize parent salt-ssh key on proxy. How to apply this update: 1. Log in as root user to the SUSE Manager proxy. 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: spacewalk-proxy start Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 3.0: zypper in -t patch SUSE-SUSE-Manager-Proxy-3.0-2017-827=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 3.0 (noarch): rhnlib-2.5.84.4-6.1 spacewalk-backend-2.5.24.9-22.1 spacewalk-backend-libs-2.5.24.9-22.1 spacewalk-base-minimal-2.5.7.15-21.1 spacewalk-base-minimal-config-2.5.7.15-21.1 spacewalk-certs-tools-2.5.1.8-17.1 spacewalk-check-2.5.13.8-17.2 spacewalk-client-setup-2.5.13.8-17.2 spacewalk-client-tools-2.5.13.8-17.2 spacewalk-proxy-broker-2.5.1.7-15.1 spacewalk-proxy-common-2.5.1.7-15.1 spacewalk-proxy-installer-2.5.2.5-6.1 spacewalk-proxy-management-2.5.1.7-15.1 spacewalk-proxy-package-manager-2.5.1.7-15.1 spacewalk-proxy-redirect-2.5.1.7-15.1 spacewalk-proxy-salt-2.5.1.7-15.1 susemanager-sls-0.1.20-23.1 References: https://www.suse.com/security/cve/CVE-2017-7470.html https://bugzilla.suse.com/1017422 https://bugzilla.suse.com/1017754 https://bugzilla.suse.com/1020904 https://bugzilla.suse.com/1023233 https://bugzilla.suse.com/1024714 https://bugzilla.suse.com/1025312 https://bugzilla.suse.com/1025758 https://bugzilla.suse.com/1026633 https://bugzilla.suse.com/1027873 https://bugzilla.suse.com/1029755 https://bugzilla.suse.com/1030342 https://bugzilla.suse.com/1031338 https://bugzilla.suse.com/1031659 https://bugzilla.suse.com/1031667 https://bugzilla.suse.com/1032256 https://bugzilla.suse.com/1033383 https://bugzilla.suse.com/1034956 From sle-security-updates at lists.suse.com Thu May 18 22:15:13 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 19 May 2017 06:15:13 +0200 (CEST) Subject: SUSE-SU-2017:1347-1: moderate: Security update for SUSE Manager Client Tools Message-ID: <20170519041513.4D852101C6@maintenance.suse.de> SUSE Security Update: Security update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1347-1 Rating: moderate References: #1023233 #1024406 #1024714 #1025312 #1026633 #1027426 #1029755 #1031667 #1032256 Cross-References: CVE-2017-7470 Affected Products: SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS ______________________________________________________________________________ An update that solves one vulnerability and has 8 fixes is now available. Description: The following security issue in spacewalk-backend has been fixed: - Non admin or disabled user cannot make changes to a system anymore using spacewalk-channel. (bsc#1026633, CVE-2017-7470) Additionally, the following non-security issues have been fixed: rhnlib: - Support all TLS versions in rpclib. (bsc#1025312) spacecmd: - Improve output on error for listrepo. (bsc#1027426) - Reword spacecmd removal message. (bsc#1024406) spacewalk-backend: - Do not fail with traceback when media.1 does not exist. (bsc#1032256) - Create scap files directory beforehand. (bsc#1029755) - Fix error if SPACEWALK_DEBUG_NO_REPORTS environment variable is not present. - Don't skip 'rhnErrataPackage' cleanup during an errata update. (bsc#1023233) - Add support for running spacewalk-debug without creating reports. (bsc#1024714) - Set scap store directory mod to 775 and group owner to susemanager. - incomplete_package_import: Do import rhnPackageFile as it breaks some package installations. - Added traceback printing to the exception block. - Change postgresql starting commands. spacewalk-client-tools: - Fix reboot message to use correct product name. (bsc#1031667) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS: zypper in -t patch slesctsp4-client-tools-201704-13115=1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS: zypper in -t patch slesctsp3-client-tools-201704-13115=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS (i586 ia64 ppc64 s390x x86_64): rhnlib-2.5.84.4-8.1 spacecmd-2.5.5.5-14.1 spacewalk-backend-libs-2.5.24.9-24.1 - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS (noarch): spacewalk-check-2.5.13.8-23.1 spacewalk-client-setup-2.5.13.8-23.1 spacewalk-client-tools-2.5.13.8-23.1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS (i586 ia64 ppc64 s390x x86_64): rhnlib-2.5.84.4-8.1 spacecmd-2.5.5.5-14.1 spacewalk-backend-libs-2.5.24.9-24.1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS (noarch): spacewalk-check-2.5.13.8-23.1 spacewalk-client-setup-2.5.13.8-23.1 spacewalk-client-tools-2.5.13.8-23.1 References: https://www.suse.com/security/cve/CVE-2017-7470.html https://bugzilla.suse.com/1023233 https://bugzilla.suse.com/1024406 https://bugzilla.suse.com/1024714 https://bugzilla.suse.com/1025312 https://bugzilla.suse.com/1026633 https://bugzilla.suse.com/1027426 https://bugzilla.suse.com/1029755 https://bugzilla.suse.com/1031667 https://bugzilla.suse.com/1032256 From sle-security-updates at lists.suse.com Thu May 18 22:17:23 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 19 May 2017 06:17:23 +0200 (CEST) Subject: SUSE-SU-2017:1349-1: moderate: Security update for SUSE Manager Server 3.0 Message-ID: <20170519041723.E1FEB101C6@maintenance.suse.de> SUSE Security Update: Security update for SUSE Manager Server 3.0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1349-1 Rating: moderate References: #1000762 #1009545 #1011964 #1012784 #1013606 #1017418 #1017422 #1017754 #1017772 #1020659 #1020904 #1022530 #1023233 #1024066 #1024406 #1024456 #1024714 #1024863 #1024966 #1025000 #1025275 #1025291 #1025312 #1025421 #1025758 #1025761 #1025775 #1025908 #1026266 #1026301 #1026633 #1027426 #1027852 #1028062 #1028306 #1029755 #1029840 #1030716 #1031092 #1031453 #1031659 #1031667 #1031826 #1031885 #1032256 #1033383 #1033497 #1033731 #1034289 #1034465 #1034956 Cross-References: CVE-2017-7470 Affected Products: SUSE Manager Server 3.0 ______________________________________________________________________________ An update that solves one vulnerability and has 50 fixes is now available. Description: The following security issue in spacewalk-backend has been fixed: - Non admin or disabled user cannot make changes to a system anymore using spacewalk-channel. (bsc#1026633, CVE-2017-7470) Additionally, the following non-security issues have been fixed: rhnlib: - Support all TLS versions in rpclib. (bsc#1025312) salt-netapi-client: - Fix date format for Schedule module. (bsc#1034465) spacecmd: - Improve output on error for listrepo. (bsc#1027426) - Reword spacecmd removal message. (bsc#1024406) spacewalk-backend: - Do not fail with traceback when media.1 does not exist. (bsc#1032256) - Create scap files directory beforehand. (bsc#1029755) - Fix error if SPACEWALK_DEBUG_NO_REPORTS environment variable is not present. - Don't skip 'rhnErrataPackage' cleanup during an errata update. (bsc#1023233) - Add support for running spacewalk-debug without creating reports. (bsc#1024714) - Set scap store directory mod to 775 and group owner to susemanager. - incomplete_package_import: Do import rhnPackageFile as it breaks some package installations. - Added traceback printing to the exception block. - Change postgresql starting commands. spacewalk-certs-tools: - Always restart the minion regardless of its current state. (bsc#1034956) - Correctly honor disabling of SSL in bootstrap script. (bsc#1033383) - Add curl dependency and move mgr-proxy-ssh* to spacewalk-proxy package. - Exit for non-traditional bootstrap scripts. (bsc#1020904) - Rename mgr-ssh-proxy-force-cmd -> mgr-proxy-ssh-force-cmd. - Add mgr-proxy-ssh-force-cmd, mgr-proxy-ssh-push-init to rpm. - Add option to configure only sshd. - Restrictive ssh options for user mgrsshtunnel. spacewalk-client-tools: - Fix reboot message to use correct product name. (bsc#1031667) spacewalk-java: - Fix missing IPs in Overview tab. (bsc#1031453) - Fix scheduling VM deployment in future. (bsc#1034289) - Handle empty set to not produce invalid sql. (bsc#1033497) - Fix SSM group pagination. (bsc#1012784) - Create PooledExecutor with pre-filled queue. (bsc#1030716) - Make sure minion keys can only be seen/managed by appropriate user. (bsc#1025908) - Set action status to 'failed' on uncaught exceptions. (bsc#1013606) - Add missing library to taskomatic classpath. (bsc#1024066) - Set log level to DEBUG for EOFException when the Websocket connection is aborted by the client. (bsc#1031826) - Add a remote command with label as a script to the actionchain. (bsc#1011964) - Fix architecture for default channels lookup. (bsc#1025275) - Change required salt-netapi-client to >= 0.11. - Using stream() during collection processing. - Making salt presence timeouts configurable via rhn.conf. (bsc#1025761) - Avoid blocking synchronous calls if some minions are unreachable. (bsc#1025761) - Excludes unreachable minions from synchronous call to prevent blocking. (bsc#1025761) - Fix LocalDateTimeISOAdapter to parse date string with timezone. (bsc#1024966) - Create scap files directories beforehand. (bsc#1029755) - Make country, state/province and city searchable for system location. (bsc#1020659) - Change incorrect help link. (bsc#1017418) - Don't allow scheduling scap scan if openscap pkg missing from minion. - Make salt aware of rescheduled actions. (bsc#1027852) - Close hibernate session on async salt-ssh call. - Use a small fixed pool so we don't overwhelm the salt-api with salt-ssh executions - Fix remote cmd ui js err and timed out message. - Remote cmd UI changes for salt-ssh minions. - Add support for salt ssh minions to remote cmd UI. - Apply SessionFilter also for error pages. (bsc#1028062) - Use correct logging class. - Fix broken help link for taskstatus. (bsc#1017422) - Test errata not removed from origin. - Fix merge channels patches. (bsc#1025000) - Change XccdfIdent.identifier mapping length to 100. - Add xccdf result xslt. - Fix mainframesysinfo module to use /proc/sysinfo on SLES11. (bsc#1025758) - Use consistent spelling in UI. (bsc#1028306) - Rewording distchannelmap text. (bsc#1017772) - Javascript datepicker needs the timezone create a correct date object. (bsc#1024966) - Don't show audit tab for ssh-push minions. - Set scap store dir mod to 775 and group owner to susemanager. - Better error handling and more tests. - Store uploaded scap files. - Openscap action scheduling and handling. - Grant scap capability to minion on registration. - Enable audit tab for salt minions. - Scap inital xccdfEval and hibernate mappings. - Show proxy path in bootstrap UI. - AuthFilter tests: Update expectations to reflect cookie update at end of request. - AuthFilter: Update cookie expiry date at end of HTTP request. (bsc#1025775) - MinionActionCleanup: Only call list_jobs once per action id. (bsc#1025291) - MinionActionCleanupTest: Expect that list_jobs is only called once. - Feat: Allow salt-enabled bootstrap.sh via UI. - Catch and display all bootstrap errors. - Sync grains and beacons only for regular minions. - Add new channel tokens to minion.accessTokens. - Fix getting server path for a first level proxy. - Fix bootstrap err when proxy not selected. - Check if proxy hostname is FQDN not name in UI. - Utility for runner to generate ssh key and execute cmd via proxies. - Add proxy_pub_key to ssh bootstrap pillar. - Add ssh timeout to temporary roster. - Salt_ssh_connect_timeout configuration parameter. - Authorize parent salt-ssh key on proxy. - Java backend for salt ssh-push through proxy. - Avoid deadlock with spacewalk-repo-sync. (bsc#1022530) - Fix NPE when no SUSE Product was found for an installed product. (bsc#1029840) - Keep organization after migrating a system to salt. (bsc#1026301) - Fix glob only for noarch rpm(s). - Feat: Dynamically detect deployed CA certificate. - Fix restore original default (certificate). - Rename variable (cert provided by RPM). - Fix uniform bootstrap.sh. (bsc#1000762) spacewalk-reports: - Remove legacy audit logging reports. (bsc#1009545) spacewalk-setup: - Create /var/spacewalk/systems in spacewalk-setup and ensure perms on upgrade. - Add xccdf result xslt. - Authorize parent salt-ssh key on proxy. spacewalk-web: - Remote Commands: Allow Web Socket to be opened on non-standard port. - Improve remote cmd ui error handling. - Show message when waiting for ssh minions times out. - Fix remote cmd ui js err and timed out message. - Remote cmd UI changes for salt-ssh minions. - Fix broken help link for taskstatus. (bsc#1017422) - Add js utility function to create Date objects in different timezones. - Show proxy path in bootstrap UI. - Clear proxy selection when clicking clear fields button. - Check if proxy hostname is FQDN not name in UI. - Show warn in bootstrap UI if proxy hostname is not a FQDN. subscription-matcher: - Set -Xmx launch parameter based on customer data. (bsc#1024863) - Small bugfixes and logging improvements. susemanager: - Add bootstrap repo data for SLES for SAP 12 SP2 ppc64le. - Add python-setuptools to bootstrap repo. (bsc#1033731) - Create directory manually if mksubvolume fails, so we now support btrfs based systems with missing mksubvoume utility. (bsc#1031885) - Create /var/spacewalk/systems in spacewalk-setup and ensure perms on upgrade - Fix typo in comment noting option with-custom-channels. (bsc#1031092) - Pre require tomcat and salt. - Fix %%pre and %%post scripts in susemanager.spec. - Append salt,tomcat,wwwrung to susemanager group. - Susemanager group and change owner and permissions for /var/susemanager/systems. susemanager-schema: - Don't fail if capability already exists. - Show update message only when updating the schema package. (bsc#1024456) - Fix audit log disabling in Oracle. - Grant minions scap capability. - Clean up stale logging data and triggers. (bsc#1009545) - Fix deduplicate to work with more than two duplicates. susemanager-sls: - Add certificate state for CAASP. - Add certificate state for SLES for SAP. (bsc#1031659) - Pre-create empty top.sls with no-op. (bsc#1017754) - Add xccdf result xslt. - Fix mainframesysinfo module to use /proc/sysinfo on SLES11. (bsc#1025758) - Set scap store dir mod to 775 and group owner to susemanager. - Store uploaded scap files. - Set minion own key owner to bootstrap ssh_push_sudo_user. - Runner to generate ssh key and execute cmd via proxies. - Change ssh bootstrap state to generate and auth keys for salt-ssh push with tunnel. - Authorize parent salt-ssh key on proxy. susemanager-sync-data: - Support Cloud 7 - Magnum Orchestration (bsc#1026266) and SLES for SAP 12 SP2 ppc64le. virtual-host-gatherer: - Adding support for exploring 'vim.Folder'. (bsc#1025421) How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema: spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server 3.0: zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2017-827=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server 3.0 (x86_64): susemanager-3.0.21-21.1 susemanager-tools-3.0.21-21.1 - SUSE Manager Server 3.0 (noarch): rhnlib-2.5.84.4-6.1 salt-netapi-client-0.11.1-12.1 spacecmd-2.5.5.5-12.1 spacewalk-backend-2.5.24.9-22.1 spacewalk-backend-app-2.5.24.9-22.1 spacewalk-backend-applet-2.5.24.9-22.1 spacewalk-backend-config-files-2.5.24.9-22.1 spacewalk-backend-config-files-common-2.5.24.9-22.1 spacewalk-backend-config-files-tool-2.5.24.9-22.1 spacewalk-backend-iss-2.5.24.9-22.1 spacewalk-backend-iss-export-2.5.24.9-22.1 spacewalk-backend-libs-2.5.24.9-22.1 spacewalk-backend-package-push-server-2.5.24.9-22.1 spacewalk-backend-server-2.5.24.9-22.1 spacewalk-backend-sql-2.5.24.9-22.1 spacewalk-backend-sql-oracle-2.5.24.9-22.1 spacewalk-backend-sql-postgresql-2.5.24.9-22.1 spacewalk-backend-tools-2.5.24.9-22.1 spacewalk-backend-xml-export-libs-2.5.24.9-22.1 spacewalk-backend-xmlrpc-2.5.24.9-22.1 spacewalk-base-2.5.7.15-21.1 spacewalk-base-minimal-2.5.7.15-21.1 spacewalk-base-minimal-config-2.5.7.15-21.1 spacewalk-certs-tools-2.5.1.8-17.1 spacewalk-client-tools-2.5.13.8-17.2 spacewalk-html-2.5.7.15-21.1 spacewalk-java-2.5.59.14-23.2 spacewalk-java-config-2.5.59.14-23.2 spacewalk-java-lib-2.5.59.14-23.2 spacewalk-java-oracle-2.5.59.14-23.2 spacewalk-java-postgresql-2.5.59.14-23.2 spacewalk-reports-2.5.1.2-3.1 spacewalk-setup-2.5.3.12-15.1 spacewalk-taskomatic-2.5.59.14-23.2 subscription-matcher-0.18-5.1 susemanager-schema-3.0.19-21.2 susemanager-sls-0.1.20-23.1 susemanager-sync-data-3.0.16-24.1 virtual-host-gatherer-1.0.13-6.1 virtual-host-gatherer-VMware-1.0.13-6.1 References: https://www.suse.com/security/cve/CVE-2017-7470.html https://bugzilla.suse.com/1000762 https://bugzilla.suse.com/1009545 https://bugzilla.suse.com/1011964 https://bugzilla.suse.com/1012784 https://bugzilla.suse.com/1013606 https://bugzilla.suse.com/1017418 https://bugzilla.suse.com/1017422 https://bugzilla.suse.com/1017754 https://bugzilla.suse.com/1017772 https://bugzilla.suse.com/1020659 https://bugzilla.suse.com/1020904 https://bugzilla.suse.com/1022530 https://bugzilla.suse.com/1023233 https://bugzilla.suse.com/1024066 https://bugzilla.suse.com/1024406 https://bugzilla.suse.com/1024456 https://bugzilla.suse.com/1024714 https://bugzilla.suse.com/1024863 https://bugzilla.suse.com/1024966 https://bugzilla.suse.com/1025000 https://bugzilla.suse.com/1025275 https://bugzilla.suse.com/1025291 https://bugzilla.suse.com/1025312 https://bugzilla.suse.com/1025421 https://bugzilla.suse.com/1025758 https://bugzilla.suse.com/1025761 https://bugzilla.suse.com/1025775 https://bugzilla.suse.com/1025908 https://bugzilla.suse.com/1026266 https://bugzilla.suse.com/1026301 https://bugzilla.suse.com/1026633 https://bugzilla.suse.com/1027426 https://bugzilla.suse.com/1027852 https://bugzilla.suse.com/1028062 https://bugzilla.suse.com/1028306 https://bugzilla.suse.com/1029755 https://bugzilla.suse.com/1029840 https://bugzilla.suse.com/1030716 https://bugzilla.suse.com/1031092 https://bugzilla.suse.com/1031453 https://bugzilla.suse.com/1031659 https://bugzilla.suse.com/1031667 https://bugzilla.suse.com/1031826 https://bugzilla.suse.com/1031885 https://bugzilla.suse.com/1032256 https://bugzilla.suse.com/1033383 https://bugzilla.suse.com/1033497 https://bugzilla.suse.com/1033731 https://bugzilla.suse.com/1034289 https://bugzilla.suse.com/1034465 https://bugzilla.suse.com/1034956 From sle-security-updates at lists.suse.com Thu May 18 22:27:22 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 19 May 2017 06:27:22 +0200 (CEST) Subject: SUSE-SU-2017:1351-1: moderate: Security update for Botan Message-ID: <20170519042722.6026C101C6@maintenance.suse.de> SUSE Security Update: Security update for Botan ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1351-1 Rating: moderate References: #1013209 #968030 Cross-References: CVE-2015-7827 CVE-2016-9132 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for Botan fixes the following issues: - CVE-2015-7827: PKCS #1 v1.5 decoding was not constant time, it could be used to mount a Bleichenbacher million-message attack (bsc#968030) - CVE-2016-9132: While decoding BER length fields, an integer overflow could occur leading to a denial-of-service (bsc#1013209) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-Botan-13119=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-Botan-13119=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libbotan-1_6_5-1.6.5-6.1 libbotan-devel-1.6.5-6.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): Botan-debuginfo-1.6.5-6.1 Botan-debugsource-1.6.5-6.1 References: https://www.suse.com/security/cve/CVE-2015-7827.html https://www.suse.com/security/cve/CVE-2016-9132.html https://bugzilla.suse.com/1013209 https://bugzilla.suse.com/968030 From sle-security-updates at lists.suse.com Thu May 18 22:27:55 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 19 May 2017 06:27:55 +0200 (CEST) Subject: SUSE-SU-2017:1352-1: moderate: Security update for SUSE Manager Client Tools Message-ID: <20170519042755.6EB9C101C6@maintenance.suse.de> SUSE Security Update: Security update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1352-1 Rating: moderate References: #1020376 #1023233 #1024406 #1024714 #1025312 #1026633 #1027426 #1029755 #1031667 #1032256 Cross-References: CVE-2017-7470 Affected Products: SUSE Manager Tools 12 ______________________________________________________________________________ An update that solves one vulnerability and has 9 fixes is now available. Description: The following security issue in spacewalk-backend has been fixed: - Non admin or disabled user cannot make changes to a system anymore using spacewalk-channel. (bsc#1026633, CVE-2017-7470) Additionally, the following non-security issues have been fixed: cobbler: - Support UEFI boot with cobbler generated tftp tree. (bsc#1020376) - Refresh patch for fuzzless appliance. rhnlib: - Support all TLS versions in rpclib. (bsc#1025312) spacecmd: - Improve output on error for listrepo. (bsc#1027426) - Reword spacecmd removal message. (bsc#1024406) spacewalk-backend: - Do not fail with traceback when media.1 does not exist. (bsc#1032256) - Create scap files directory beforehand. (bsc#1029755) - Fix error if SPACEWALK_DEBUG_NO_REPORTS env variable is not present. - Don't skip 'rhnErrataPackage' cleanup during an errata update. (bsc#1023233) - Add support for running spacewalk-debug without creating reports. (bsc#1024714) - Set scap store directory mod to 775 and group owner to susemanager. - incomplete_package_import: Do import rhnPackageFile as it breaks some package installations. - Added traceback printing to the exception block. - Change postgresql starting commands. spacewalk-client-tools: - Fix reboot message to use correct product name. (bsc#1031667) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Tools 12: zypper in -t patch SUSE-SLE-Manager-Tools-12-2017-822=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Tools 12 (noarch): koan-2.6.6-45.1 rhnlib-2.5.84.4-17.1 spacecmd-2.5.5.5-34.1 spacewalk-backend-libs-2.5.24.9-51.1 spacewalk-check-2.5.13.8-48.1 spacewalk-client-setup-2.5.13.8-48.1 spacewalk-client-tools-2.5.13.8-48.1 References: https://www.suse.com/security/cve/CVE-2017-7470.html https://bugzilla.suse.com/1020376 https://bugzilla.suse.com/1023233 https://bugzilla.suse.com/1024406 https://bugzilla.suse.com/1024714 https://bugzilla.suse.com/1025312 https://bugzilla.suse.com/1026633 https://bugzilla.suse.com/1027426 https://bugzilla.suse.com/1029755 https://bugzilla.suse.com/1031667 https://bugzilla.suse.com/1032256 From sle-security-updates at lists.suse.com Fri May 19 07:11:30 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 19 May 2017 15:11:30 +0200 (CEST) Subject: SUSE-SU-2017:1357-1: moderate: Security update for git Message-ID: <20170519131130.2088C101C9@maintenance.suse.de> SUSE Security Update: Security update for git ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1357-1 Rating: moderate References: #1038395 Cross-References: CVE-2017-8386 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for git fixes the following issues: - git 2.12.3: * CVE-2017-8386: Fix git-shell not to escape with the starting dash name (bsc#1038395) * Fix for potential segv introduced in v2.11.0 and later * Misc fixes and cleanups. - git 2.12.2: * CLI output fixes * "Dump http" transport fixes * various fixes for internal code paths * Trailer "Cc:" RFC fix - git 2.12.1: * Reduce authentication round-trip over HTTP when the server supports just a single authentication method. * "git add -i" patch subcommand fixed to have a path selection * various path verification fixes * fix "git log -L..." buffer overrun Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-830=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-830=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-830=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-830=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-830=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-830=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): git-2.12.3-26.1 git-arch-2.12.3-26.1 git-core-2.12.3-26.1 git-core-debuginfo-2.12.3-26.1 git-cvs-2.12.3-26.1 git-daemon-2.12.3-26.1 git-daemon-debuginfo-2.12.3-26.1 git-debugsource-2.12.3-26.1 git-email-2.12.3-26.1 git-gui-2.12.3-26.1 git-svn-2.12.3-26.1 git-svn-debuginfo-2.12.3-26.1 git-web-2.12.3-26.1 gitk-2.12.3-26.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch): git-doc-2.12.3-26.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): git-2.12.3-26.1 git-arch-2.12.3-26.1 git-core-2.12.3-26.1 git-core-debuginfo-2.12.3-26.1 git-cvs-2.12.3-26.1 git-daemon-2.12.3-26.1 git-daemon-debuginfo-2.12.3-26.1 git-debugsource-2.12.3-26.1 git-email-2.12.3-26.1 git-gui-2.12.3-26.1 git-svn-2.12.3-26.1 git-svn-debuginfo-2.12.3-26.1 git-web-2.12.3-26.1 gitk-2.12.3-26.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): git-doc-2.12.3-26.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): git-core-2.12.3-26.1 git-core-debuginfo-2.12.3-26.1 git-debugsource-2.12.3-26.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): git-doc-2.12.3-26.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): git-core-2.12.3-26.1 git-core-debuginfo-2.12.3-26.1 git-debugsource-2.12.3-26.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): git-doc-2.12.3-26.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): git-core-2.12.3-26.1 git-core-debuginfo-2.12.3-26.1 git-debugsource-2.12.3-26.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): git-doc-2.12.3-26.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): git-core-2.12.3-26.1 git-core-debuginfo-2.12.3-26.1 git-debugsource-2.12.3-26.1 References: https://www.suse.com/security/cve/CVE-2017-8386.html https://bugzilla.suse.com/1038395 From sle-security-updates at lists.suse.com Fri May 19 10:10:38 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 19 May 2017 18:10:38 +0200 (CEST) Subject: SUSE-SU-2017:1360-1: important: Security update for the Linux Kernel Message-ID: <20170519161038.9CD60101C6@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1360-1 Rating: important References: #1003077 #1008842 #1009682 #1012620 #1012985 #1015703 #1015787 #1015821 #1017512 #1018100 #1018263 #1018419 #1018446 #1019168 #1019514 #1020048 #1020795 #1021256 #1021374 #1021762 #1021913 #1022559 #1022971 #1023164 #1023207 #1023377 #1023762 #1023824 #1023888 #1023992 #1024081 #1024234 #1024309 #1024508 #1024788 #1025039 #1025235 #1025354 #1025802 #1026024 #1026722 #1026914 #1027066 #1027178 #1027189 #1027190 #1027974 #1028041 #1028415 #1028595 #1028648 #1028895 #1029470 #1029850 #1029986 #1030118 #1030213 #1030593 #1030901 #1031003 #1031052 #1031080 #1031440 #1031567 #1031579 #1031662 #1031842 #1032125 #1032141 #1032344 #1032345 #1033336 #1034670 #103470 #1034700 #1035576 #1035699 #1035738 #1035877 #1036752 #1038261 #799133 #857926 #914939 #917630 #922853 #930399 #931620 #937444 #940946 #954763 #968697 #970083 #971933 #979215 #982783 #983212 #984530 #985561 #988065 #989056 #993832 Cross-References: CVE-2015-1350 CVE-2016-10044 CVE-2016-10200 CVE-2016-10208 CVE-2016-2117 CVE-2016-3070 CVE-2016-5243 CVE-2016-7117 CVE-2016-9191 CVE-2016-9588 CVE-2016-9604 CVE-2017-2647 CVE-2017-2671 CVE-2017-5669 CVE-2017-5897 CVE-2017-5986 CVE-2017-6074 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6348 CVE-2017-6353 CVE-2017-6951 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7616 CVE-2017-7645 CVE-2017-8106 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves 30 vulnerabilities and has 72 fixes is now available. Description: The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.74 to receive various security and bugfixes. Notable new/improved features: - Improved support for Hyper-V - Support for the tcp_westwood TCP scheduling algorithm The following security bugs were fixed: - CVE-2017-8106: The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel allowed privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer (bsc#1035877). - CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type. (bsc#1029850). - CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c. (bsc#1030593) - CVE-2016-9604: This fixes handling of keyrings starting with '.' in KEYCTL_JOIN_SESSION_KEYRING, which could have allowed local users to manipulate privileged keyrings (bsc#1035576) - CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation. (bnc#1033336). - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c. (bsc#1034670). - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579) - CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003) - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440) - CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052) - CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213) - CVE-2016-9588: arch/x86/kvm/vmx.c in the Linux kernel mismanaged the #BP and #OF exceptions, which allowed guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest (bsc#1015703). - CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914). - CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415) - CVE-2016-10208: The ext4_fill_super function in fs/ext4/super.c in the Linux kernel did not properly validate meta block groups, which allowed physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image (bnc#1023377). - CVE-2017-5897: The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allowed remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access (bsc#1023762). - CVE-2017-5986: A race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235). - CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024) - CVE-2016-9191: The cgroup offline implementation in the Linux kernel mishandled certain drain operations, which allowed local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application (bnc#1008842) - CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178). - CVE-2016-10044: The aio_mount function in fs/aio.c in the Linux kernel did not properly restrict execute access, which made it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call (bnc#1023992). - CVE-2016-3070: The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel improperly interacts with mm/migrate.c, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move (bnc#979215). - CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212). - CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190) - CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189) - CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066) - CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235). - CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722) - CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enables scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697) - CVE-2015-1350: The VFS subsystem in the Linux kernel provided an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bsc#914939). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003077). The following non-security bugs were fixed: - ACPI / APEI: Fix NMI notification handling (bsc#917630). - arch: Mass conversion of smp_mb__*() (bsc#1020795). - asm-generic: add __smp_xxx wrappers (bsc#1020795). - block: remove struct request buffer member (bsc#1020795). - block: submit_bio_wait() conversions (bsc#1020795). - bonding: Advertize vxlan offload features when supported (bsc#1009682). - bonding: handle more gso types (bsc#1009682). - bonding: use the correct ether type for alb (bsc#1028595). - btrfs: allow unlink to exceed subvolume quota (bsc#1015821). - btrfs: Change qgroup_meta_rsv to 64bit (bsc#1015821). - btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls (bsc#1018100). - btrfs: make file clone aware of fatal signals (bsc#1015787). - btrfs: qgroups: Retry after commit on getting EDQUOT (bsc#1015821). - cancel the setfilesize transation when io error happen (bsc#1028648). - cgroup: remove stray references to css_id (bsc#1020795). - cpuidle: powernv/pseries: Auto-promotion of snooze to deeper idle state (bnc#1023164). - dm: add era target (bsc#1020795). - dm: allow remove to be deferred (bsc#1020795). - dm bitset: only flush the current word if it has been dirtied (bsc#1020795). - dm btree: add dm_btree_find_lowest_key (bsc#1020795). - dm cache: actually resize cache (bsc#1020795). - dm cache: add block sizes and total cache blocks to status output (bsc#1020795). - dm cache: add cache block invalidation support (bsc#1020795). - dm cache: add passthrough mode (bsc#1020795). - dm cache: add policy name to status output (bsc#1020795). - dm cache: add remove_cblock method to policy interface (bsc#1020795). - dm cache: be much more aggressive about promoting writes to discarded blocks (bsc#1020795). - dm cache: cache shrinking support (bsc#1020795). - dm cache: do not add migration to completed list before unhooking bio (bsc#1020795). - dm cache: fix a lock-inversion (bsc#1020795). - dm cache: fix truncation bug when mapping I/O to more than 2TB fast device (bsc#1020795). - dm cache: fix writethrough mode quiescing in cache_map (bsc#1020795). - dm cache: improve efficiency of quiescing flag management (bsc#1020795). - dm cache: io destined for the cache device can now serve as tick bios (bsc#1020795). - dm cache: log error message if dm_kcopyd_copy() fails (bsc#1020795). - dm cache metadata: check the metadata version when reading the superblock (bsc#1020795). - dm cache metadata: return bool from __superblock_all_zeroes (bsc#1020795). - dm cache: move hook_info into common portion of per_bio_data structure (bsc#1020795). - dm cache: optimize commit_if_needed (bsc#1020795). - dm cache policy mq: a few small fixes (bsc#1020795). - dm cache policy mq: fix promotions to occur as expected (bsc#1020795). - dm cache policy mq: implement writeback_work() and mq_{set,clear}_dirty() (bsc#1020795). - dm cache policy mq: introduce three promotion threshold tunables (bsc#1020795). - dm cache policy mq: protect residency method with existing mutex (bsc#1020795). - dm cache policy mq: reduce memory requirements (bsc#1020795). - dm cache policy mq: use list_del_init instead of list_del + INIT_LIST_HEAD (bsc#1020795). - dm cache policy: remove return from void policy_remove_mapping (bsc#1020795). - dm cache: promotion optimisation for writes (bsc#1020795). - dm cache: resolve small nits and improve Documentation (bsc#1020795). - dm cache: return -EINVAL if the user specifies unknown cache policy (bsc#1020795). - dm cache: use cell_defer() boolean argument consistently (bsc#1020795). - dm: change sector_count member in clone_info from sector_t to unsigned (bsc#1020795). - dm crypt: add TCW IV mode for old CBC TCRYPT containers (bsc#1020795). - dm crypt: properly handle extra key string in initialization (bsc#1020795). - dm delay: use per-bio data instead of a mempool and slab cache (bsc#1020795). - dm: fix Kconfig indentation (bsc#1020795). - dm: fix Kconfig menu indentation (bsc#1020795). - dm: make dm_table_alloc_md_mempools static (bsc#1020795). - dm mpath: do not call pg_init when it is already running (bsc#1020795). - dm mpath: fix lock order inconsistency in multipath_ioctl (bsc#1020795). - dm mpath: print more useful warnings in multipath_message() (bsc#1020795). - dm mpath: push back requests instead of queueing (bsc#1020795). - dm mpath: really fix lockdep warning (bsc#1020795). - dm mpath: reduce memory pressure when requeuing (bsc#1020795). - dm mpath: remove extra nesting in map function (bsc#1020795). - dm mpath: remove map_io() (bsc#1020795). - dm mpath: remove process_queued_ios() (bsc#1020795). - dm mpath: requeue I/O during pg_init (bsc#1020795). - dm persistent data: cleanup dm-thin specific references in text (bsc#1020795). - dm snapshot: call destroy_work_on_stack() to pair with INIT_WORK_ONSTACK() (bsc#1020795). - dm snapshot: fix metadata corruption (bsc#1020795). - dm snapshot: prepare for switch to using dm-bufio (bsc#1020795). - dm snapshot: use dm-bufio (bsc#1020795). - dm snapshot: use dm-bufio prefetch (bsc#1020795). - dm snapshot: use GFP_KERNEL when initializing exceptions (bsc#1020795). - dm space map disk: optimise sm_disk_dec_block (bsc#1020795). - dm space map metadata: limit errors in sm_metadata_new_block (bsc#1020795). - dm: stop using bi_private (bsc#1020795). - dm table: add dm_table_run_md_queue_async (bsc#1020795). - dm table: print error on preresume failure (bsc#1020795). - dm table: remove unused buggy code that extends the targets array (bsc#1020795). - dm thin: add error_if_no_space feature (bsc#1020795). - dm thin: add mappings to end of prepared_* lists (bsc#1020795). - dm thin: add 'no_space_timeout' dm-thin-pool module param (bsc#1020795). - dm thin: add timeout to stop out-of-data-space mode holding IO forever (bsc#1020795). - dm thin: allow metadata commit if pool is in PM_OUT_OF_DATA_SPACE mode (bsc#1020795). - dm thin: allow metadata space larger than supported to go unused (bsc#1020795). - dm thin: cleanup and improve no space handling (bsc#1020795). - dm thin: eliminate the no_free_space flag (bsc#1020795). - dm thin: ensure user takes action to validate data and metadata consistency (bsc#1020795). - dm thin: factor out check_low_water_mark and use bools (bsc#1020795). - dm thin: fix deadlock in __requeue_bio_list (bsc#1020795). - dm thin: fix noflush suspend IO queueing (bsc#1020795). - dm thin: fix out of data space handling (bsc#1020795). - dm thin: fix pool feature parsing (bsc#1020795). - dm thin: fix rcu_read_lock being held in code that can sleep (bsc#1020795). - dm thin: handle metadata failures more consistently (bsc#1020795). - dm thin: irqsave must always be used with the pool->lock spinlock (bsc#1020795). - dm thin: log info when growing the data or metadata device (bsc#1020795). - dm thin: requeue bios to DM core if no_free_space and in read-only mode (bsc#1020795). - dm thin: return error from alloc_data_block if pool is not in write mode (bsc#1020795). - dm thin: simplify pool_is_congested (bsc#1020795). - dm thin: sort the per thin deferred bios using an rb_tree (bsc#1020795). - dm thin: synchronize the pool mode during suspend (bsc#1020795). - dm thin: use bool rather than unsigned for flags in structures (bsc#1020795). - dm thin: use INIT_WORK_ONSTACK in noflush_work to avoid ODEBUG warning (bsc#1020795). - dm thin: use per thin device deferred bio lists (bsc#1020795). - dm: use RCU_INIT_POINTER instead of rcu_assign_pointer in __unbind (bsc#1020795). - drm/i915: relax uncritical udelay_range() (bsc#1038261). - ether: add loopback type ETH_P_LOOPBACK (bsc#1028595). - ext4: fix bh leak on error paths in ext4_rename() and ext4_cross_rename() (bsc#1012985). - ext4: fix fencepost in s_first_meta_bg validation (bsc#1029986). - ext4: mark inode dirty after converting inline directory (bsc#1012985). - ftrace: Make ftrace_location_range() global (FATE#322421). - HID: usbhid: improve handling of Clear-Halt and reset (bsc#1031080). - hv: util: catch allocation errors - hv: utils: use memdup_user in hvt_op_write - hwrng: virtio - ensure reads happen after successful probe (bsc#954763 bsc#1032344). - i40e: avoid null pointer dereference (bsc#922853). - i40e/i40evf: Break up xmit_descriptor_count from maybe_stop_tx (bsc#985561). - i40e/i40evf: Limit TSO to 7 descriptors for payload instead of 8 per packet (bsc#985561). - i40e/i40evf: Rewrite logic for 8 descriptor per packet check (bsc#985561). - i40e: Impose a lower limit on gso size (bsc#985561). - i40e: Limit TX descriptor count in cases where frag size is greater than 16K (bsc#985561). - iommu/vt-d: Flush old iommu caches for kdump when the device gets context mapped (bsc#1023824). - iommu/vt-d: Tylersburg isoch identity map check is done too late (bsc#1032125). - ipv6: make ECMP route replacement less greedy (bsc#930399). - kabi: hide changes in struct sk_buff (bsc#1009682). - KABI: Hide new include in arch/powerpc/kernel/process.c (fate#322421). - kABI: mask struct xfs_icdinode change (bsc#1024788). - kABI: protect struct inet6_dev (kabi). - kABI: protect struct iscsi_conn (bsc#103470). - kABI: protect struct xfs_buftarg and struct xfs_mount (bsc#1024508). - kABI: restore can_rx_register parameters (kabi). - kernel/watchdog: use nmi registers snapshot in hardlockup handler (bsc#940946, bsc#937444). - kgr: Mark eeh_event_handler() kthread safe using a timeout (bsc#1031662). - kgr/module: make a taint flag module-specific - kgr: remove unneeded kgr_needs_lazy_migration() s390x definition - l2tp: fix address test in __l2tp_ip6_bind_lookup() (bsc#1028415). - l2tp: fix lookup for sockets not bound to a device in l2tp_ip (bsc#1028415). - l2tp: fix racy socket lookup in l2tp_ip and l2tp_ip6 bind() (bsc#1028415). - l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv() (bsc#1028415). - l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6 (bsc#1028415). - l2tp: lock socket before checking flags in connect() (bsc#1028415). - livepatch: Allow architectures to specify an alternate ftrace location (FATE#322421). - locking/semaphore: Add down_interruptible_timeout() (bsc#1031662). - md: avoid oops on unload if some process is in poll or select (bsc#1020795). - md: Convert use of typedef ctl_table to struct ctl_table (bsc#1020795). - md: ensure metadata is writen after raid level change (bsc#1020795). - md linear: fix a race between linear_add() and linear_congested() (bsc#1018446). - md: md_clear_badblocks should return an error code on failure (bsc#1020795). - md: refuse to change shape of array if it is active but read-only (bsc#1020795). - megaraid_sas: add missing curly braces in ioctl handler (bsc#1023207). - megaraid_sas: Fixup tgtid count in megasas_ld_list_query() (bsc#971933). - mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp (bnc#1030118). - mm, memcg: do not retry precharge charges (bnc#1022559). - mm/mempolicy.c: do not put mempolicy before using its nodemask (References: VM Performance, bnc#931620). - mm/page_alloc: fix nodes for reclaim in fast path (bnc#1031842). - module: move add_taint_module() to a header file - net: Add skb_gro_postpull_rcsum to udp and vxlan (bsc#1009682). - net: add skb_pop_rcv_encapsulation (bsc#1009682). - net: Call skb_checksum_init in IPv4 (bsc#1009682). - net: Call skb_checksum_init in IPv6 (bsc#1009682). - netfilter: allow logging fron non-init netns (bsc#970083). - net: Generalize checksum_init functions (bsc#1009682). - net: Preserve CHECKSUM_COMPLETE at validation (bsc#1009682). - NFS: do not try to cross a mountpount when there isn't one there (bsc#1028041). - NFS: Expedite unmount of NFS auto-mounts (bnc#1025802). - NFS: Fix a performance regression in readdir (bsc#857926). - NFS: flush out dirty data on file fput() (bsc#1021762). - ocfs2: do not write error flag to user structure we cannot copy from/to (bsc#1012985). - powerpc: Blacklist GCC 5.4 6.1 and 6.2 (boo#1028895). - powerpc: Create a helper for getting the kernel toc value (FATE#322421). - powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971). - powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141). - powerpc/fadump: Update fadump documentation (bsc#1032141). - powerpc/ftrace: Add Kconfig & Make glue for mprofile-kernel (FATE#322421). - powerpc/ftrace: Add support for -mprofile-kernel ftrace ABI (FATE#322421). - powerpc/ftrace: Use $(CC_FLAGS_FTRACE) when disabling ftrace (FATE#322421). - powerpc/ftrace: Use generic ftrace_modify_all_code() (FATE#322421). - powerpc: introduce TIF_KGR_IN_PROGRESS thread flag (FATE#322421). - powerpc/kgraft: Add kgraft header (FATE#322421). - powerpc/kgraft: Add kgraft stack to struct thread_info (FATE#322421). - powerpc/kgraft: Add live patching support on ppc64le (FATE#322421). - powerpc/module: Create a special stub for ftrace_caller() (FATE#322421). - powerpc/module: Mark module stubs with a magic value (FATE#322421). - powerpc/module: Only try to generate the ftrace_caller() stub once (FATE#322421). - powerpc/modules: Never restore r2 for a mprofile-kernel style mcount() call (FATE#322421). - powerpc/prom: Increase minimum RMA size to 512MB (bsc#984530). - powerpc/pseries/cpuidle: Remove MAX_IDLE_STATE macro (bnc#1023164). - powerpc/pseries/cpuidle: Use cpuidle_register() for initialisation (bnc#1023164). - powerpc: Reject binutils 2.24 when building little endian (boo#1028895). - RAID1: avoid unnecessary spin locks in I/O barrier code (bsc#982783,bsc#1020048). - raid1: include bio_end_io_list in nr_queued to prevent freeze_array hang - remove mpath patches from dmcache backport, for bsc#1035738 - revert "procfs: mark thread stack correctly in proc/PID/maps" (bnc#1030901). - Revert "RDMA/core: Fix incorrect structure packing for booleans" (kabi). - rtnetlink: allow to register ops without ops->setup set (bsc#1021374). - s390/zcrypt: Introduce CEX6 toleration (FATE#321783, LTC#147506, bsc#1019514). - sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting (bsc#1018419). - scsi_error: count medium access timeout only once per EH run (bsc#993832, bsc#1032345). - scsi: libiscsi: add lock around task lists to fix list corruption regression (bsc#1034700). - scsi: storvsc: fix SRB_STATUS_ABORTED handling - sfc: reduce severity of PIO buffer alloc failures (bsc#1019168). - svcrpc: fix gss-proxy NULL dereference in some error cases (bsc#1024309). - taint/module: Clean up global and module taint flags handling - tcp: abort orphan sockets stalling on zero window probes (bsc#1021913). - thp: fix MADV_DONTNEED vs. numa balancing race (bnc#1027974). - thp: reduce indentation level in change_huge_pmd() (bnc#1027974). - treewide: fix "distingush" typo (bsc#1020795). - tree-wide: use reinit_completion instead of INIT_COMPLETION (bsc#1020795). - usb: dwc3: gadget: Fix incorrect DEPCMD and DGCMD status macros (bsc#1035699). - usb: host: xhci: print correct command ring address (bnc#1035699). - USB: serial: kl5kusb105: fix line-state error handling (bsc#1021256). - vfs: Do not exchange "short" filenames unconditionally (bsc#1012985). - vfs: split generic splice code from i_mutex locking (bsc#1024788). - vmxnet3: segCnt can be 1 for LRO packets (bsc#988065). - VSOCK: Detach QP check should filter out non matching QPs (bsc#1036752). - vxlan: cancel sock_work in vxlan_dellink() (bsc#1031567). - vxlan: Checksum fixes (bsc#1009682). - vxlan: GRO support at tunnel layer (bsc#1009682). - xen-blkfront: correct maximum segment accounting (bsc#1018263). - xen-blkfront: do not call talk_to_blkback when already connected to blkback. - xen-blkfront: free resources if xlvbd_alloc_gendisk fails. - xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056). - xfs: do not allow di_size with high bit set (bsc#1024234). - xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1024508). - xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508). - xfs: fix broken multi-fsb buffer logging (bsc#1024081). - xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056). - xfs: Fix lock ordering in splice write (bsc#1024788). - xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888). - xfs: Make xfs_icdinode->di_dmstate atomic_t (bsc#1024788). - xfs: pass total block res. as total xfs_bmapi_write() parameter (bsc#1029470). - xfs: replace global xfslogd wq with per-mount wq (bsc#1024508). - xfs: track and serialize in-flight async buffers against unmount (bsc#1024508). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-831=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-831=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-831=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-831=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-831=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-831=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): kernel-default-debuginfo-3.12.74-60.64.40.1 kernel-default-debugsource-3.12.74-60.64.40.1 kernel-default-extra-3.12.74-60.64.40.1 kernel-default-extra-debuginfo-3.12.74-60.64.40.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): kernel-obs-build-3.12.74-60.64.40.1 kernel-obs-build-debugsource-3.12.74-60.64.40.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): kernel-docs-3.12.74-60.64.40.4 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): kernel-default-3.12.74-60.64.40.1 kernel-default-base-3.12.74-60.64.40.1 kernel-default-base-debuginfo-3.12.74-60.64.40.1 kernel-default-debuginfo-3.12.74-60.64.40.1 kernel-default-debugsource-3.12.74-60.64.40.1 kernel-default-devel-3.12.74-60.64.40.1 kernel-syms-3.12.74-60.64.40.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): kernel-devel-3.12.74-60.64.40.1 kernel-macros-3.12.74-60.64.40.1 kernel-source-3.12.74-60.64.40.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): kernel-xen-3.12.74-60.64.40.1 kernel-xen-base-3.12.74-60.64.40.1 kernel-xen-base-debuginfo-3.12.74-60.64.40.1 kernel-xen-debuginfo-3.12.74-60.64.40.1 kernel-xen-debugsource-3.12.74-60.64.40.1 kernel-xen-devel-3.12.74-60.64.40.1 - SUSE Linux Enterprise Server 12-SP1 (s390x): kernel-default-man-3.12.74-60.64.40.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.74-60.64.40.1 kernel-ec2-debuginfo-3.12.74-60.64.40.1 kernel-ec2-debugsource-3.12.74-60.64.40.1 kernel-ec2-devel-3.12.74-60.64.40.1 kernel-ec2-extra-3.12.74-60.64.40.1 kernel-ec2-extra-debuginfo-3.12.74-60.64.40.1 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_74-60_64_40-default-1-4.1 kgraft-patch-3_12_74-60_64_40-xen-1-4.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): kernel-default-3.12.74-60.64.40.1 kernel-default-debuginfo-3.12.74-60.64.40.1 kernel-default-debugsource-3.12.74-60.64.40.1 kernel-default-devel-3.12.74-60.64.40.1 kernel-default-extra-3.12.74-60.64.40.1 kernel-default-extra-debuginfo-3.12.74-60.64.40.1 kernel-syms-3.12.74-60.64.40.1 kernel-xen-3.12.74-60.64.40.1 kernel-xen-debuginfo-3.12.74-60.64.40.1 kernel-xen-debugsource-3.12.74-60.64.40.1 kernel-xen-devel-3.12.74-60.64.40.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): kernel-devel-3.12.74-60.64.40.1 kernel-macros-3.12.74-60.64.40.1 kernel-source-3.12.74-60.64.40.1 References: https://www.suse.com/security/cve/CVE-2015-1350.html https://www.suse.com/security/cve/CVE-2016-10044.html https://www.suse.com/security/cve/CVE-2016-10200.html https://www.suse.com/security/cve/CVE-2016-10208.html https://www.suse.com/security/cve/CVE-2016-2117.html https://www.suse.com/security/cve/CVE-2016-3070.html https://www.suse.com/security/cve/CVE-2016-5243.html https://www.suse.com/security/cve/CVE-2016-7117.html https://www.suse.com/security/cve/CVE-2016-9191.html https://www.suse.com/security/cve/CVE-2016-9588.html https://www.suse.com/security/cve/CVE-2016-9604.html https://www.suse.com/security/cve/CVE-2017-2647.html https://www.suse.com/security/cve/CVE-2017-2671.html https://www.suse.com/security/cve/CVE-2017-5669.html https://www.suse.com/security/cve/CVE-2017-5897.html https://www.suse.com/security/cve/CVE-2017-5986.html https://www.suse.com/security/cve/CVE-2017-6074.html https://www.suse.com/security/cve/CVE-2017-6214.html https://www.suse.com/security/cve/CVE-2017-6345.html https://www.suse.com/security/cve/CVE-2017-6346.html https://www.suse.com/security/cve/CVE-2017-6348.html https://www.suse.com/security/cve/CVE-2017-6353.html https://www.suse.com/security/cve/CVE-2017-6951.html https://www.suse.com/security/cve/CVE-2017-7187.html https://www.suse.com/security/cve/CVE-2017-7261.html https://www.suse.com/security/cve/CVE-2017-7294.html https://www.suse.com/security/cve/CVE-2017-7308.html https://www.suse.com/security/cve/CVE-2017-7616.html https://www.suse.com/security/cve/CVE-2017-7645.html https://www.suse.com/security/cve/CVE-2017-8106.html https://bugzilla.suse.com/1003077 https://bugzilla.suse.com/1008842 https://bugzilla.suse.com/1009682 https://bugzilla.suse.com/1012620 https://bugzilla.suse.com/1012985 https://bugzilla.suse.com/1015703 https://bugzilla.suse.com/1015787 https://bugzilla.suse.com/1015821 https://bugzilla.suse.com/1017512 https://bugzilla.suse.com/1018100 https://bugzilla.suse.com/1018263 https://bugzilla.suse.com/1018419 https://bugzilla.suse.com/1018446 https://bugzilla.suse.com/1019168 https://bugzilla.suse.com/1019514 https://bugzilla.suse.com/1020048 https://bugzilla.suse.com/1020795 https://bugzilla.suse.com/1021256 https://bugzilla.suse.com/1021374 https://bugzilla.suse.com/1021762 https://bugzilla.suse.com/1021913 https://bugzilla.suse.com/1022559 https://bugzilla.suse.com/1022971 https://bugzilla.suse.com/1023164 https://bugzilla.suse.com/1023207 https://bugzilla.suse.com/1023377 https://bugzilla.suse.com/1023762 https://bugzilla.suse.com/1023824 https://bugzilla.suse.com/1023888 https://bugzilla.suse.com/1023992 https://bugzilla.suse.com/1024081 https://bugzilla.suse.com/1024234 https://bugzilla.suse.com/1024309 https://bugzilla.suse.com/1024508 https://bugzilla.suse.com/1024788 https://bugzilla.suse.com/1025039 https://bugzilla.suse.com/1025235 https://bugzilla.suse.com/1025354 https://bugzilla.suse.com/1025802 https://bugzilla.suse.com/1026024 https://bugzilla.suse.com/1026722 https://bugzilla.suse.com/1026914 https://bugzilla.suse.com/1027066 https://bugzilla.suse.com/1027178 https://bugzilla.suse.com/1027189 https://bugzilla.suse.com/1027190 https://bugzilla.suse.com/1027974 https://bugzilla.suse.com/1028041 https://bugzilla.suse.com/1028415 https://bugzilla.suse.com/1028595 https://bugzilla.suse.com/1028648 https://bugzilla.suse.com/1028895 https://bugzilla.suse.com/1029470 https://bugzilla.suse.com/1029850 https://bugzilla.suse.com/1029986 https://bugzilla.suse.com/1030118 https://bugzilla.suse.com/1030213 https://bugzilla.suse.com/1030593 https://bugzilla.suse.com/1030901 https://bugzilla.suse.com/1031003 https://bugzilla.suse.com/1031052 https://bugzilla.suse.com/1031080 https://bugzilla.suse.com/1031440 https://bugzilla.suse.com/1031567 https://bugzilla.suse.com/1031579 https://bugzilla.suse.com/1031662 https://bugzilla.suse.com/1031842 https://bugzilla.suse.com/1032125 https://bugzilla.suse.com/1032141 https://bugzilla.suse.com/1032344 https://bugzilla.suse.com/1032345 https://bugzilla.suse.com/1033336 https://bugzilla.suse.com/1034670 https://bugzilla.suse.com/103470 https://bugzilla.suse.com/1034700 https://bugzilla.suse.com/1035576 https://bugzilla.suse.com/1035699 https://bugzilla.suse.com/1035738 https://bugzilla.suse.com/1035877 https://bugzilla.suse.com/1036752 https://bugzilla.suse.com/1038261 https://bugzilla.suse.com/799133 https://bugzilla.suse.com/857926 https://bugzilla.suse.com/914939 https://bugzilla.suse.com/917630 https://bugzilla.suse.com/922853 https://bugzilla.suse.com/930399 https://bugzilla.suse.com/931620 https://bugzilla.suse.com/937444 https://bugzilla.suse.com/940946 https://bugzilla.suse.com/954763 https://bugzilla.suse.com/968697 https://bugzilla.suse.com/970083 https://bugzilla.suse.com/971933 https://bugzilla.suse.com/979215 https://bugzilla.suse.com/982783 https://bugzilla.suse.com/983212 https://bugzilla.suse.com/984530 https://bugzilla.suse.com/985561 https://bugzilla.suse.com/988065 https://bugzilla.suse.com/989056 https://bugzilla.suse.com/993832 From sle-security-updates at lists.suse.com Mon May 22 07:09:14 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 22 May 2017 15:09:14 +0200 (CEST) Subject: SUSE-SU-2017:1365-1: moderate: Security update for collectd Message-ID: <20170522130914.BDC5E101C9@maintenance.suse.de> SUSE Security Update: Security update for collectd ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1365-1 Rating: moderate References: #1032307 Cross-References: CVE-2017-7401 Affected Products: SUSE Webyast 1.3 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for collectd fixes one issue. This security issue was fixed: - CVE-2017-7401: Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c allowed remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet (bsc#1032307). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Webyast 1.3: zypper in -t patch slewyst13-collectd-13121=1 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-collectd-13121=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Webyast 1.3 (i586 ia64 ppc64 s390x x86_64): collectd-4.9.4-0.31.1 libcollectdclient-devel-4.9.4-0.31.1 libcollectdclient0-4.9.4-0.31.1 - SUSE Lifecycle Management Server 1.3 (x86_64): collectd-4.9.4-0.31.1 libcollectdclient-devel-4.9.4-0.31.1 libcollectdclient0-4.9.4-0.31.1 References: https://www.suse.com/security/cve/CVE-2017-7401.html https://bugzilla.suse.com/1032307 From sle-security-updates at lists.suse.com Mon May 22 07:09:38 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 22 May 2017 15:09:38 +0200 (CEST) Subject: SUSE-SU-2017:1366-1: moderate: Security update for libxml2 Message-ID: <20170522130938.7058C101C6@maintenance.suse.de> SUSE Security Update: Security update for libxml2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1366-1 Rating: moderate References: #1010675 #1013930 #1014873 #1017497 #876652 Cross-References: CVE-2014-0191 CVE-2016-9318 CVE-2016-9597 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves three vulnerabilities and has two fixes is now available. Description: This update for libxml2 fixes the following issues: * Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873] * CVE-2016-9597: An XML document with many opening tags could have caused a overflow of the stack not detected by the recursion limits, allowing for DoS (bsc#1017497) * CVE-2014-0191: External parameter entity loaded when entity substitution is disabled could cause a DoS. (bsc#876652) * CVE-2016-9318: XML External Entity (XXE) could be abused via crafted document. (bsc#1010675) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-833=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-833=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-833=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libxml2-debugsource-2.9.1-26.12.1 libxml2-devel-2.9.1-26.12.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libxml2-2-2.9.1-26.12.1 libxml2-2-debuginfo-2.9.1-26.12.1 libxml2-debugsource-2.9.1-26.12.1 libxml2-tools-2.9.1-26.12.1 libxml2-tools-debuginfo-2.9.1-26.12.1 python-libxml2-2.9.1-26.12.1 python-libxml2-debuginfo-2.9.1-26.12.1 python-libxml2-debugsource-2.9.1-26.12.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libxml2-2-32bit-2.9.1-26.12.1 libxml2-2-debuginfo-32bit-2.9.1-26.12.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): libxml2-doc-2.9.1-26.12.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libxml2-2-2.9.1-26.12.1 libxml2-2-32bit-2.9.1-26.12.1 libxml2-2-debuginfo-2.9.1-26.12.1 libxml2-2-debuginfo-32bit-2.9.1-26.12.1 libxml2-debugsource-2.9.1-26.12.1 libxml2-tools-2.9.1-26.12.1 libxml2-tools-debuginfo-2.9.1-26.12.1 python-libxml2-2.9.1-26.12.1 python-libxml2-debuginfo-2.9.1-26.12.1 python-libxml2-debugsource-2.9.1-26.12.1 References: https://www.suse.com/security/cve/CVE-2014-0191.html https://www.suse.com/security/cve/CVE-2016-9318.html https://www.suse.com/security/cve/CVE-2016-9597.html https://bugzilla.suse.com/1010675 https://bugzilla.suse.com/1013930 https://bugzilla.suse.com/1014873 https://bugzilla.suse.com/1017497 https://bugzilla.suse.com/876652 From sle-security-updates at lists.suse.com Mon May 22 07:10:45 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 22 May 2017 15:10:45 +0200 (CEST) Subject: SUSE-SU-2017:1367-1: moderate: Security update for libsndfile Message-ID: <20170522131045.10D43101C9@maintenance.suse.de> SUSE Security Update: Security update for libsndfile ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1367-1 Rating: moderate References: #1033054 #1033914 #1033915 #1036943 #1036944 #1036945 #1036946 #1038856 Cross-References: CVE-2017-7585 CVE-2017-7741 CVE-2017-7742 CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has one errata is now available. Description: This update for libsndfile fixes the following issues: - CVE-2017-8361: Global buffer overflow in flac_buffer_copy. (bsc#1036946) - CVE-2017-8362: Invalid memory read in flac_buffer_copy. (bsc#1036943) - CVE-2017-8363: Heap-based buffer overflow in flac_buffer_copy. (bsc#1036945) - CVE-2017-7585, CVE-2017-7741, CVE-2017-7742: Stack-based buffer overflows via specially crafted FLAC files. (bsc#1033054) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-834=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-834=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-834=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-834=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-834=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-834=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-834=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libsndfile-debugsource-1.0.25-35.1 libsndfile-devel-1.0.25-35.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libsndfile-debugsource-1.0.25-35.1 libsndfile-devel-1.0.25-35.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libsndfile-debugsource-1.0.25-35.1 libsndfile1-1.0.25-35.1 libsndfile1-debuginfo-1.0.25-35.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libsndfile-debugsource-1.0.25-35.1 libsndfile1-1.0.25-35.1 libsndfile1-debuginfo-1.0.25-35.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libsndfile1-32bit-1.0.25-35.1 libsndfile1-debuginfo-32bit-1.0.25-35.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libsndfile-debugsource-1.0.25-35.1 libsndfile1-1.0.25-35.1 libsndfile1-debuginfo-1.0.25-35.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libsndfile1-32bit-1.0.25-35.1 libsndfile1-debuginfo-32bit-1.0.25-35.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libsndfile-debugsource-1.0.25-35.1 libsndfile1-1.0.25-35.1 libsndfile1-32bit-1.0.25-35.1 libsndfile1-debuginfo-1.0.25-35.1 libsndfile1-debuginfo-32bit-1.0.25-35.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libsndfile-debugsource-1.0.25-35.1 libsndfile1-1.0.25-35.1 libsndfile1-32bit-1.0.25-35.1 libsndfile1-debuginfo-1.0.25-35.1 libsndfile1-debuginfo-32bit-1.0.25-35.1 References: https://www.suse.com/security/cve/CVE-2017-7585.html https://www.suse.com/security/cve/CVE-2017-7741.html https://www.suse.com/security/cve/CVE-2017-7742.html https://www.suse.com/security/cve/CVE-2017-8361.html https://www.suse.com/security/cve/CVE-2017-8362.html https://www.suse.com/security/cve/CVE-2017-8363.html https://www.suse.com/security/cve/CVE-2017-8365.html https://bugzilla.suse.com/1033054 https://bugzilla.suse.com/1033914 https://bugzilla.suse.com/1033915 https://bugzilla.suse.com/1036943 https://bugzilla.suse.com/1036944 https://bugzilla.suse.com/1036945 https://bugzilla.suse.com/1036946 https://bugzilla.suse.com/1038856 From sle-security-updates at lists.suse.com Mon May 22 07:11:59 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 22 May 2017 15:11:59 +0200 (CEST) Subject: SUSE-SU-2017:1368-1: moderate: Security update for libplist Message-ID: <20170522131159.4D60B101C9@maintenance.suse.de> SUSE Security Update: Security update for libplist ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1368-1 Rating: moderate References: #1019531 #1021610 #1023807 #1023822 #1023848 #1029631 #1035312 Cross-References: CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 CVE-2017-6440 CVE-2017-7982 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for libplist fixes the following security issues: - CVE-2017-5545: The main function in plistutil.c in libimobiledevice libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short. (bsc#1021610). - CVE-2017-5209: The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data. (bsc#1019531) - CVE-2017-5836: A type inconsistency in bplist.c was fixed. (bsc#1023807) - CVE-2017-5835: A memory allocation error leading to DoS was fixed. (bsc#1023822) - CVE-2017-5834: A heap-buffer overflow in parse_dict_node was fixed (bsc#1023848) - CVE-2017-7982: Denial of service (heap-based buffer over-read and application crash) via a crafted plist file (bsc#1035312) - CVE-2017-6440: A specially crafted plist file could lead to denial of service (bsc#1029631) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-835=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-835=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-835=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-835=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-835=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): libplist++1-1.8-10.9.1 libplist++1-debuginfo-1.8-10.9.1 libplist-debugsource-1.8-10.9.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libplist++1-1.8-10.9.1 libplist++1-debuginfo-1.8-10.9.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libplist++-devel-1.8-10.9.1 libplist++1-1.8-10.9.1 libplist++1-debuginfo-1.8-10.9.1 libplist-debugsource-1.8-10.9.1 libplist-devel-1.8-10.9.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libplist-debugsource-1.8-10.9.1 libplist1-1.8-10.9.1 libplist1-debuginfo-1.8-10.9.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libplist++1-1.8-10.9.1 libplist++1-debuginfo-1.8-10.9.1 libplist-debugsource-1.8-10.9.1 libplist1-1.8-10.9.1 libplist1-debuginfo-1.8-10.9.1 References: https://www.suse.com/security/cve/CVE-2017-5209.html https://www.suse.com/security/cve/CVE-2017-5545.html https://www.suse.com/security/cve/CVE-2017-5834.html https://www.suse.com/security/cve/CVE-2017-5835.html https://www.suse.com/security/cve/CVE-2017-5836.html https://www.suse.com/security/cve/CVE-2017-6440.html https://www.suse.com/security/cve/CVE-2017-7982.html https://bugzilla.suse.com/1019531 https://bugzilla.suse.com/1021610 https://bugzilla.suse.com/1023807 https://bugzilla.suse.com/1023822 https://bugzilla.suse.com/1023848 https://bugzilla.suse.com/1029631 https://bugzilla.suse.com/1035312 From sle-security-updates at lists.suse.com Tue May 23 13:09:14 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 23 May 2017 21:09:14 +0200 (CEST) Subject: SUSE-SU-2017:1379-1: moderate: Security update for libplist Message-ID: <20170523190914.60C79101C9@maintenance.suse.de> SUSE Security Update: Security update for libplist ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1379-1 Rating: moderate References: #1019531 #1021610 #1023807 #1023822 #1023848 #1029631 #1035312 Cross-References: CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 CVE-2017-6440 CVE-2017-7982 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for libplist fixes the following issues: - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data (bsc#1019531). - CVE-2017-5545: The main function in plistutil.c in libimobiledevice libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short. (bsc#1021610). - CVE-2017-5836: A type inconsistency in bplist.c was fixed. (bsc#1023807) - CVE-2017-5835: A memory allocation error leading to DoS was fixed. (bsc#1023822) - CVE-2017-5834: A heap-buffer overflow in parse_dict_node was fixed. (bsc#1023848) - CVE-2017-6440: Ensure that sanity checks work on 32-bit platforms. (bsc#1029631) - CVE-2017-7982: Add some safety checks, backported from upstream (bsc#1035312). - CVE-2017-5836: A maliciously crafted file could cause the application to crash. (bsc#1023807). - CVE-2017-5835: Malicious crafted file could cause libplist to allocate large amounts of memory and consume lots of CPU (bsc#1023822) - CVE-2017-5834: Maliciou crafted file could cause a heap buffer overflow or segmentation fault (bsc#1023848) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-849=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-849=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-849=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-849=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-849=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): libplist++3-1.12-19.1 libplist++3-debuginfo-1.12-19.1 libplist-debugsource-1.12-19.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libplist++-devel-1.12-19.1 libplist-debugsource-1.12-19.1 libplist-devel-1.12-19.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libplist-debugsource-1.12-19.1 libplist3-1.12-19.1 libplist3-debuginfo-1.12-19.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libplist-debugsource-1.12-19.1 libplist3-1.12-19.1 libplist3-debuginfo-1.12-19.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libplist++3-1.12-19.1 libplist++3-debuginfo-1.12-19.1 libplist-debugsource-1.12-19.1 libplist3-1.12-19.1 libplist3-debuginfo-1.12-19.1 References: https://www.suse.com/security/cve/CVE-2017-5209.html https://www.suse.com/security/cve/CVE-2017-5545.html https://www.suse.com/security/cve/CVE-2017-5834.html https://www.suse.com/security/cve/CVE-2017-5835.html https://www.suse.com/security/cve/CVE-2017-5836.html https://www.suse.com/security/cve/CVE-2017-6440.html https://www.suse.com/security/cve/CVE-2017-7982.html https://bugzilla.suse.com/1019531 https://bugzilla.suse.com/1021610 https://bugzilla.suse.com/1023807 https://bugzilla.suse.com/1023822 https://bugzilla.suse.com/1023848 https://bugzilla.suse.com/1029631 https://bugzilla.suse.com/1035312 From sle-security-updates at lists.suse.com Tue May 23 13:11:53 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 23 May 2017 21:11:53 +0200 (CEST) Subject: SUSE-SU-2017:1382-1: important: Security update for tomcat Message-ID: <20170523191153.1C8B0101C6@maintenance.suse.de> SUSE Security Update: Security update for tomcat ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1382-1 Rating: important References: #1015119 #1033447 #1033448 Cross-References: CVE-2016-8745 CVE-2017-5647 CVE-2017-5648 Affected Products: SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for tomcat fixes the following issues: - CVE-2017-5647 Pipelined requests could lead to information disclosure (bsc#1033448) - CVE-2017-5648 Untrusted application could retain listener leading to information disclosure (bsc#1033447) - CVE-2016-8745 shared Processor on Connector code could lead to information disclosure (bsc#1015119) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-848=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): tomcat-8.0.43-10.19.1 tomcat-admin-webapps-8.0.43-10.19.1 tomcat-docs-webapp-8.0.43-10.19.1 tomcat-el-3_0-api-8.0.43-10.19.1 tomcat-javadoc-8.0.43-10.19.1 tomcat-jsp-2_3-api-8.0.43-10.19.1 tomcat-lib-8.0.43-10.19.1 tomcat-servlet-3_1-api-8.0.43-10.19.1 tomcat-webapps-8.0.43-10.19.1 References: https://www.suse.com/security/cve/CVE-2016-8745.html https://www.suse.com/security/cve/CVE-2017-5647.html https://www.suse.com/security/cve/CVE-2017-5648.html https://bugzilla.suse.com/1015119 https://bugzilla.suse.com/1033447 https://bugzilla.suse.com/1033448 From sle-security-updates at lists.suse.com Tue May 23 13:13:04 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 23 May 2017 21:13:04 +0200 (CEST) Subject: SUSE-SU-2017:1384-1: important: Security update for java-1_7_0-ibm Message-ID: <20170523191304.9922E101C7@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1384-1 Rating: important References: #1038505 Cross-References: CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 Affected Products: SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: This update for java-1_7_0-ibm fixes the following issues: Version update to 7.0-10.5 bsc#1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number - CVE-2016-9843: zlib: Big-endian out-of-bounds pointer - CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data - CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections - CVE-2017-3511: OpenJDK: untrusted extension directories search path in Launcher - CVE-2017-3539: OpenJDK: MD5 allowed for jar verification - CVE-2017-3533: OpenJDK: newline injection in the FTP client - CVE-2017-3544: OpenJDK: newline injection in the SMTP client Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-java-1_7_0-ibm-13124=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-java-1_7_0-ibm-13124=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): java-1_7_0-ibm-1.7.0_sr10.5-64.1 java-1_7_0-ibm-devel-1.7.0_sr10.5-64.1 java-1_7_0-ibm-jdbc-1.7.0_sr10.5-64.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr10.5-64.1 java-1_7_0-ibm-plugin-1.7.0_sr10.5-64.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): java-1_7_0-ibm-1.7.0_sr10.5-64.1 java-1_7_0-ibm-alsa-1.7.0_sr10.5-64.1 java-1_7_0-ibm-devel-1.7.0_sr10.5-64.1 java-1_7_0-ibm-jdbc-1.7.0_sr10.5-64.1 java-1_7_0-ibm-plugin-1.7.0_sr10.5-64.1 References: https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1289.html https://www.suse.com/security/cve/CVE-2017-3509.html https://www.suse.com/security/cve/CVE-2017-3511.html https://www.suse.com/security/cve/CVE-2017-3533.html https://www.suse.com/security/cve/CVE-2017-3539.html https://www.suse.com/security/cve/CVE-2017-3544.html https://bugzilla.suse.com/1038505 From sle-security-updates at lists.suse.com Tue May 23 13:13:30 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 23 May 2017 21:13:30 +0200 (CEST) Subject: SUSE-SU-2017:1385-1: important: Security update for java-1_7_1-ibm Message-ID: <20170523191330.46EB2101C6@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_1-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1385-1 Rating: important References: #1038505 Cross-References: CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: This update for java-1_7_1-ibm fixes the following issues: - Version update to 7.1-4.5 bsc#1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number - CVE-2016-9843: zlib: Big-endian out-of-bounds pointer - CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data - CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections - CVE-2017-3511: OpenJDK: untrusted extension directories search path in Launcher - CVE-2017-3539: OpenJDK: MD5 allowed for jar verification - CVE-2017-3533: OpenJDK: newline injection in the FTP client - CVE-2017-3544: OpenJDK: newline injection in the SMTP client Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-847=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-847=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-847=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-847=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-847=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-847=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (ppc64le s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr4.5-37.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr4.5-37.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): java-1_7_1-ibm-1.7.1_sr4.5-37.1 java-1_7_1-ibm-alsa-1.7.1_sr4.5-37.1 java-1_7_1-ibm-devel-1.7.1_sr4.5-37.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.5-37.1 java-1_7_1-ibm-plugin-1.7.1_sr4.5-37.1 - SUSE Linux Enterprise Server 12-SP2 (ppc64le x86_64): java-1_7_1-ibm-1.7.1_sr4.5-37.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.5-37.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.5-37.1 java-1_7_1-ibm-plugin-1.7.1_sr4.5-37.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.5-37.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.5-37.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.5-37.1 java-1_7_1-ibm-plugin-1.7.1_sr4.5-37.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.5-37.1 java-1_7_1-ibm-devel-1.7.1_sr4.5-37.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.5-37.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.5-37.1 java-1_7_1-ibm-plugin-1.7.1_sr4.5-37.1 References: https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1289.html https://www.suse.com/security/cve/CVE-2017-3509.html https://www.suse.com/security/cve/CVE-2017-3511.html https://www.suse.com/security/cve/CVE-2017-3533.html https://www.suse.com/security/cve/CVE-2017-3539.html https://www.suse.com/security/cve/CVE-2017-3544.html https://bugzilla.suse.com/1038505 From sle-security-updates at lists.suse.com Tue May 23 13:14:03 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 23 May 2017 21:14:03 +0200 (CEST) Subject: SUSE-SU-2017:1386-1: important: Security update for java-1_8_0-ibm Message-ID: <20170523191403.A1686101C9@maintenance.suse.de> SUSE Security Update: Security update for java-1_8_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1386-1 Rating: important References: #1038505 Cross-References: CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: This update for java-1_8_0-ibm fixes the following issues: Version update bsc#1038505: - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number - CVE-2016-9843: zlib: Big-endian out-of-bounds pointer - CVE-2017-3544: OpenJDK: newline injection in the SMTP client - CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections - CVE-2017-3511: OpenJDK: untrusted extension directories search path in Launcher - CVE-2017-3533: OpenJDK: newline injection in the FTP client - CVE-2017-3539: OpenJDK: MD5 allowed for jar verification - CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-844=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-844=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-844=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-844=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (ppc64le s390x x86_64): java-1_8_0-ibm-devel-1.8.0_sr4.5-29.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): java-1_8_0-ibm-devel-1.8.0_sr4.5-29.1 - SUSE Linux Enterprise Server 12-SP2 (ppc64le x86_64): java-1_8_0-ibm-1.8.0_sr4.5-29.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): java-1_8_0-ibm-alsa-1.8.0_sr4.5-29.1 java-1_8_0-ibm-plugin-1.8.0_sr4.5-29.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_8_0-ibm-1.8.0_sr4.5-29.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): java-1_8_0-ibm-alsa-1.8.0_sr4.5-29.1 java-1_8_0-ibm-plugin-1.8.0_sr4.5-29.1 References: https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1289.html https://www.suse.com/security/cve/CVE-2017-3509.html https://www.suse.com/security/cve/CVE-2017-3511.html https://www.suse.com/security/cve/CVE-2017-3533.html https://www.suse.com/security/cve/CVE-2017-3539.html https://www.suse.com/security/cve/CVE-2017-3544.html https://bugzilla.suse.com/1038505 From sle-security-updates at lists.suse.com Tue May 23 13:14:26 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 23 May 2017 21:14:26 +0200 (CEST) Subject: SUSE-SU-2017:1387-1: important: Security update for java-1_7_1-ibm Message-ID: <20170523191426.56B51101C6@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_1-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1387-1 Rating: important References: #1038505 Cross-References: CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: This update for java-1_7_1-ibm fixes the following issues: Version update to 7.1-4.5 bsc#1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number - CVE-2016-9843: zlib: Big-endian out-of-bounds pointer - CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data - CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections - CVE-2017-3511: OpenJDK: untrusted extension directories search path in Launcher - CVE-2017-3539: OpenJDK: MD5 allowed for jar verification - CVE-2017-3533: OpenJDK: newline injection in the FTP client - CVE-2017-3544: OpenJDK: newline injection in the SMTP client Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-java-1_7_1-ibm-13123=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-java-1_7_1-ibm-13123=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ppc64 s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr4.5-25.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ppc64 s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.5-25.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.5-25.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.5-25.1 java-1_7_1-ibm-plugin-1.7.1_sr4.5-25.1 References: https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1289.html https://www.suse.com/security/cve/CVE-2017-3509.html https://www.suse.com/security/cve/CVE-2017-3511.html https://www.suse.com/security/cve/CVE-2017-3533.html https://www.suse.com/security/cve/CVE-2017-3539.html https://www.suse.com/security/cve/CVE-2017-3544.html https://bugzilla.suse.com/1038505 From sle-security-updates at lists.suse.com Tue May 23 13:15:10 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 23 May 2017 21:15:10 +0200 (CEST) Subject: SUSE-SU-2017:1389-1: important: Security update for java-1_6_0-ibm Message-ID: <20170523191510.A75D0101C9@maintenance.suse.de> SUSE Security Update: Security update for java-1_6_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1389-1 Rating: important References: #1027038 #1038505 Cross-References: CVE-2016-2183 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-3509 CVE-2017-3514 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 Affected Products: SUSE Linux Enterprise Module for Legacy Software 12 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: This update for java-1_6_0-ibm fixes the following issues: - Version update to 6.0-16.45 bsc#1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number - CVE-2016-9843: zlib: Big-endian out-of-bounds pointer - CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data - CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections - CVE-2017-3539: OpenJDK: MD5 allowed for jar verification - CVE-2017-3533: OpenJDK: newline injection in the FTP client - CVE-2017-3544: OpenJDK: newline injection in the SMTP client - Version update to 6.0-16.40 bsc#1027038 CVE-2016-2183 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2017-843=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Legacy Software 12 (s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.45-49.1 java-1_6_0-ibm-fonts-1.6.0_sr16.45-49.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.45-49.1 - SUSE Linux Enterprise Module for Legacy Software 12 (x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.45-49.1 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1289.html https://www.suse.com/security/cve/CVE-2017-3509.html https://www.suse.com/security/cve/CVE-2017-3514.html https://www.suse.com/security/cve/CVE-2017-3533.html https://www.suse.com/security/cve/CVE-2017-3539.html https://www.suse.com/security/cve/CVE-2017-3544.html https://bugzilla.suse.com/1027038 https://bugzilla.suse.com/1038505 From sle-security-updates at lists.suse.com Wed May 24 07:09:26 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 24 May 2017 15:09:26 +0200 (CEST) Subject: SUSE-SU-2017:1391-1: important: Security update for samba Message-ID: <20170524130926.D80E5101C9@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1391-1 Rating: important References: #1038231 Cross-References: CVE-2017-7494 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. [CVE-2017-7494, bso#12780, bsc#1038231] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-samba-13127=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-samba-13127=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-samba-13127=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-samba-13127=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-samba-13127=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-samba-13127=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-93.1 libnetapi-devel-3.6.3-93.1 libnetapi0-3.6.3-93.1 libsmbclient-devel-3.6.3-93.1 libsmbsharemodes-devel-3.6.3-93.1 libsmbsharemodes0-3.6.3-93.1 libtalloc-devel-3.6.3-93.1 libtdb-devel-3.6.3-93.1 libtevent-devel-3.6.3-93.1 libwbclient-devel-3.6.3-93.1 samba-devel-3.6.3-93.1 samba-test-3.6.3-93.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-93.1 libldb1-3.6.3-93.1 libsmbclient0-3.6.3-93.1 libtalloc2-3.6.3-93.1 libtdb1-3.6.3-93.1 libtevent0-3.6.3-93.1 libwbclient0-3.6.3-93.1 samba-3.6.3-93.1 samba-client-3.6.3-93.1 samba-krb-printing-3.6.3-93.1 samba-winbind-3.6.3-93.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-93.1 libtalloc2-32bit-3.6.3-93.1 libtdb1-32bit-3.6.3-93.1 libtevent0-32bit-3.6.3-93.1 libwbclient0-32bit-3.6.3-93.1 samba-32bit-3.6.3-93.1 samba-client-32bit-3.6.3-93.1 samba-winbind-32bit-3.6.3-93.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): samba-doc-3.6.3-93.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libsmbclient0-x86-3.6.3-93.1 libtalloc2-x86-3.6.3-93.1 libtdb1-x86-3.6.3-93.1 libtevent0-x86-3.6.3-93.1 libwbclient0-x86-3.6.3-93.1 samba-client-x86-3.6.3-93.1 samba-winbind-x86-3.6.3-93.1 samba-x86-3.6.3-93.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): ldapsmb-1.34b-93.1 libldb1-3.6.3-93.1 libsmbclient0-3.6.3-93.1 libtalloc2-3.6.3-93.1 libtdb1-3.6.3-93.1 libtevent0-3.6.3-93.1 libwbclient0-3.6.3-93.1 samba-3.6.3-93.1 samba-client-3.6.3-93.1 samba-krb-printing-3.6.3-93.1 samba-winbind-3.6.3-93.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x x86_64): libsmbclient0-32bit-3.6.3-93.1 libtalloc2-32bit-3.6.3-93.1 libtdb1-32bit-3.6.3-93.1 libtevent0-32bit-3.6.3-93.1 libwbclient0-32bit-3.6.3-93.1 samba-32bit-3.6.3-93.1 samba-client-32bit-3.6.3-93.1 samba-winbind-32bit-3.6.3-93.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (noarch): samba-doc-3.6.3-93.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (noarch): samba-doc-3.6.3-93.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): ldapsmb-1.34b-93.1 libldb1-3.6.3-93.1 libsmbclient0-3.6.3-93.1 libtalloc2-3.6.3-93.1 libtdb1-3.6.3-93.1 libtevent0-3.6.3-93.1 libwbclient0-3.6.3-93.1 samba-3.6.3-93.1 samba-client-3.6.3-93.1 samba-krb-printing-3.6.3-93.1 samba-winbind-3.6.3-93.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): samba-debuginfo-3.6.3-93.1 samba-debugsource-3.6.3-93.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): samba-debuginfo-32bit-3.6.3-93.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): samba-debuginfo-x86-3.6.3-93.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): samba-debuginfo-3.6.3-93.1 samba-debugsource-3.6.3-93.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (s390x): samba-debuginfo-32bit-3.6.3-93.1 References: https://www.suse.com/security/cve/CVE-2017-7494.html https://bugzilla.suse.com/1038231 From sle-security-updates at lists.suse.com Wed May 24 07:09:55 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 24 May 2017 15:09:55 +0200 (CEST) Subject: SUSE-SU-2017:1392-1: important: Security update for samba Message-ID: <20170524130955.341EF101C9@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1392-1 Rating: important References: #1038231 Cross-References: CVE-2017-7494 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise High Availability 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. [CVE-2017-7494, bso#12780, bsc#1038231] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-854=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-854=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-854=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-854=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-854=1 - SUSE Linux Enterprise High Availability 12-SP1: zypper in -t patch SUSE-SLE-HA-12-SP1-2017-854=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-854=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-854=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): samba-test-devel-4.2.4-28.14.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): ctdb-debuginfo-4.2.4-28.14.1 ctdb-devel-4.2.4-28.14.1 libdcerpc-atsvc-devel-4.2.4-28.14.1 libdcerpc-atsvc0-4.2.4-28.14.1 libdcerpc-atsvc0-debuginfo-4.2.4-28.14.1 libdcerpc-devel-4.2.4-28.14.1 libdcerpc-samr-devel-4.2.4-28.14.1 libdcerpc-samr0-4.2.4-28.14.1 libdcerpc-samr0-debuginfo-4.2.4-28.14.1 libgensec-devel-4.2.4-28.14.1 libndr-devel-4.2.4-28.14.1 libndr-krb5pac-devel-4.2.4-28.14.1 libndr-nbt-devel-4.2.4-28.14.1 libndr-standard-devel-4.2.4-28.14.1 libnetapi-devel-4.2.4-28.14.1 libregistry-devel-4.2.4-28.14.1 libsamba-credentials-devel-4.2.4-28.14.1 libsamba-hostconfig-devel-4.2.4-28.14.1 libsamba-passdb-devel-4.2.4-28.14.1 libsamba-policy-devel-4.2.4-28.14.1 libsamba-policy0-4.2.4-28.14.1 libsamba-policy0-debuginfo-4.2.4-28.14.1 libsamba-util-devel-4.2.4-28.14.1 libsamdb-devel-4.2.4-28.14.1 libsmbclient-devel-4.2.4-28.14.1 libsmbclient-raw-devel-4.2.4-28.14.1 libsmbconf-devel-4.2.4-28.14.1 libsmbldap-devel-4.2.4-28.14.1 libtevent-util-devel-4.2.4-28.14.1 libwbclient-devel-4.2.4-28.14.1 samba-core-devel-4.2.4-28.14.1 samba-debuginfo-4.2.4-28.14.1 samba-debugsource-4.2.4-28.14.1 samba-test-devel-4.2.4-28.14.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libdcerpc-atsvc0-4.2.4-28.14.1 libdcerpc-atsvc0-debuginfo-4.2.4-28.14.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libdcerpc-atsvc0-4.2.4-28.14.1 libdcerpc-atsvc0-debuginfo-4.2.4-28.14.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libdcerpc-binding0-4.2.4-28.14.1 libdcerpc-binding0-debuginfo-4.2.4-28.14.1 libdcerpc0-4.2.4-28.14.1 libdcerpc0-debuginfo-4.2.4-28.14.1 libgensec0-4.2.4-28.14.1 libgensec0-debuginfo-4.2.4-28.14.1 libndr-krb5pac0-4.2.4-28.14.1 libndr-krb5pac0-debuginfo-4.2.4-28.14.1 libndr-nbt0-4.2.4-28.14.1 libndr-nbt0-debuginfo-4.2.4-28.14.1 libndr-standard0-4.2.4-28.14.1 libndr-standard0-debuginfo-4.2.4-28.14.1 libndr0-4.2.4-28.14.1 libndr0-debuginfo-4.2.4-28.14.1 libnetapi0-4.2.4-28.14.1 libnetapi0-debuginfo-4.2.4-28.14.1 libregistry0-4.2.4-28.14.1 libregistry0-debuginfo-4.2.4-28.14.1 libsamba-credentials0-4.2.4-28.14.1 libsamba-credentials0-debuginfo-4.2.4-28.14.1 libsamba-hostconfig0-4.2.4-28.14.1 libsamba-hostconfig0-debuginfo-4.2.4-28.14.1 libsamba-passdb0-4.2.4-28.14.1 libsamba-passdb0-debuginfo-4.2.4-28.14.1 libsamba-util0-4.2.4-28.14.1 libsamba-util0-debuginfo-4.2.4-28.14.1 libsamdb0-4.2.4-28.14.1 libsamdb0-debuginfo-4.2.4-28.14.1 libsmbclient-raw0-4.2.4-28.14.1 libsmbclient-raw0-debuginfo-4.2.4-28.14.1 libsmbclient0-4.2.4-28.14.1 libsmbclient0-debuginfo-4.2.4-28.14.1 libsmbconf0-4.2.4-28.14.1 libsmbconf0-debuginfo-4.2.4-28.14.1 libsmbldap0-4.2.4-28.14.1 libsmbldap0-debuginfo-4.2.4-28.14.1 libtevent-util0-4.2.4-28.14.1 libtevent-util0-debuginfo-4.2.4-28.14.1 libwbclient0-4.2.4-28.14.1 libwbclient0-debuginfo-4.2.4-28.14.1 samba-4.2.4-28.14.1 samba-client-4.2.4-28.14.1 samba-client-debuginfo-4.2.4-28.14.1 samba-debuginfo-4.2.4-28.14.1 samba-debugsource-4.2.4-28.14.1 samba-libs-4.2.4-28.14.1 samba-libs-debuginfo-4.2.4-28.14.1 samba-winbind-4.2.4-28.14.1 samba-winbind-debuginfo-4.2.4-28.14.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libdcerpc-binding0-32bit-4.2.4-28.14.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-28.14.1 libdcerpc0-32bit-4.2.4-28.14.1 libdcerpc0-debuginfo-32bit-4.2.4-28.14.1 libgensec0-32bit-4.2.4-28.14.1 libgensec0-debuginfo-32bit-4.2.4-28.14.1 libndr-krb5pac0-32bit-4.2.4-28.14.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-28.14.1 libndr-nbt0-32bit-4.2.4-28.14.1 libndr-nbt0-debuginfo-32bit-4.2.4-28.14.1 libndr-standard0-32bit-4.2.4-28.14.1 libndr-standard0-debuginfo-32bit-4.2.4-28.14.1 libndr0-32bit-4.2.4-28.14.1 libndr0-debuginfo-32bit-4.2.4-28.14.1 libnetapi0-32bit-4.2.4-28.14.1 libnetapi0-debuginfo-32bit-4.2.4-28.14.1 libsamba-credentials0-32bit-4.2.4-28.14.1 libsamba-credentials0-debuginfo-32bit-4.2.4-28.14.1 libsamba-hostconfig0-32bit-4.2.4-28.14.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-28.14.1 libsamba-passdb0-32bit-4.2.4-28.14.1 libsamba-passdb0-debuginfo-32bit-4.2.4-28.14.1 libsamba-util0-32bit-4.2.4-28.14.1 libsamba-util0-debuginfo-32bit-4.2.4-28.14.1 libsamdb0-32bit-4.2.4-28.14.1 libsamdb0-debuginfo-32bit-4.2.4-28.14.1 libsmbclient-raw0-32bit-4.2.4-28.14.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-28.14.1 libsmbclient0-32bit-4.2.4-28.14.1 libsmbclient0-debuginfo-32bit-4.2.4-28.14.1 libsmbconf0-32bit-4.2.4-28.14.1 libsmbconf0-debuginfo-32bit-4.2.4-28.14.1 libsmbldap0-32bit-4.2.4-28.14.1 libsmbldap0-debuginfo-32bit-4.2.4-28.14.1 libtevent-util0-32bit-4.2.4-28.14.1 libtevent-util0-debuginfo-32bit-4.2.4-28.14.1 libwbclient0-32bit-4.2.4-28.14.1 libwbclient0-debuginfo-32bit-4.2.4-28.14.1 samba-32bit-4.2.4-28.14.1 samba-client-32bit-4.2.4-28.14.1 samba-client-debuginfo-32bit-4.2.4-28.14.1 samba-debuginfo-32bit-4.2.4-28.14.1 samba-libs-32bit-4.2.4-28.14.1 samba-libs-debuginfo-32bit-4.2.4-28.14.1 samba-winbind-32bit-4.2.4-28.14.1 samba-winbind-debuginfo-32bit-4.2.4-28.14.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): samba-doc-4.2.4-28.14.1 - SUSE Linux Enterprise High Availability 12-SP1 (ppc64le s390x x86_64): ctdb-4.2.4-28.14.1 ctdb-debuginfo-4.2.4-28.14.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libdcerpc-atsvc0-4.2.4-28.14.1 libdcerpc-atsvc0-debuginfo-4.2.4-28.14.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): samba-doc-4.2.4-28.14.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libdcerpc-binding0-32bit-4.2.4-28.14.1 libdcerpc-binding0-4.2.4-28.14.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-28.14.1 libdcerpc-binding0-debuginfo-4.2.4-28.14.1 libdcerpc0-32bit-4.2.4-28.14.1 libdcerpc0-4.2.4-28.14.1 libdcerpc0-debuginfo-32bit-4.2.4-28.14.1 libdcerpc0-debuginfo-4.2.4-28.14.1 libgensec0-32bit-4.2.4-28.14.1 libgensec0-4.2.4-28.14.1 libgensec0-debuginfo-32bit-4.2.4-28.14.1 libgensec0-debuginfo-4.2.4-28.14.1 libndr-krb5pac0-32bit-4.2.4-28.14.1 libndr-krb5pac0-4.2.4-28.14.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-28.14.1 libndr-krb5pac0-debuginfo-4.2.4-28.14.1 libndr-nbt0-32bit-4.2.4-28.14.1 libndr-nbt0-4.2.4-28.14.1 libndr-nbt0-debuginfo-32bit-4.2.4-28.14.1 libndr-nbt0-debuginfo-4.2.4-28.14.1 libndr-standard0-32bit-4.2.4-28.14.1 libndr-standard0-4.2.4-28.14.1 libndr-standard0-debuginfo-32bit-4.2.4-28.14.1 libndr-standard0-debuginfo-4.2.4-28.14.1 libndr0-32bit-4.2.4-28.14.1 libndr0-4.2.4-28.14.1 libndr0-debuginfo-32bit-4.2.4-28.14.1 libndr0-debuginfo-4.2.4-28.14.1 libnetapi0-32bit-4.2.4-28.14.1 libnetapi0-4.2.4-28.14.1 libnetapi0-debuginfo-32bit-4.2.4-28.14.1 libnetapi0-debuginfo-4.2.4-28.14.1 libregistry0-4.2.4-28.14.1 libregistry0-debuginfo-4.2.4-28.14.1 libsamba-credentials0-32bit-4.2.4-28.14.1 libsamba-credentials0-4.2.4-28.14.1 libsamba-credentials0-debuginfo-32bit-4.2.4-28.14.1 libsamba-credentials0-debuginfo-4.2.4-28.14.1 libsamba-hostconfig0-32bit-4.2.4-28.14.1 libsamba-hostconfig0-4.2.4-28.14.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-28.14.1 libsamba-hostconfig0-debuginfo-4.2.4-28.14.1 libsamba-passdb0-32bit-4.2.4-28.14.1 libsamba-passdb0-4.2.4-28.14.1 libsamba-passdb0-debuginfo-32bit-4.2.4-28.14.1 libsamba-passdb0-debuginfo-4.2.4-28.14.1 libsamba-util0-32bit-4.2.4-28.14.1 libsamba-util0-4.2.4-28.14.1 libsamba-util0-debuginfo-32bit-4.2.4-28.14.1 libsamba-util0-debuginfo-4.2.4-28.14.1 libsamdb0-32bit-4.2.4-28.14.1 libsamdb0-4.2.4-28.14.1 libsamdb0-debuginfo-32bit-4.2.4-28.14.1 libsamdb0-debuginfo-4.2.4-28.14.1 libsmbclient-raw0-32bit-4.2.4-28.14.1 libsmbclient-raw0-4.2.4-28.14.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-28.14.1 libsmbclient-raw0-debuginfo-4.2.4-28.14.1 libsmbclient0-32bit-4.2.4-28.14.1 libsmbclient0-4.2.4-28.14.1 libsmbclient0-debuginfo-32bit-4.2.4-28.14.1 libsmbclient0-debuginfo-4.2.4-28.14.1 libsmbconf0-32bit-4.2.4-28.14.1 libsmbconf0-4.2.4-28.14.1 libsmbconf0-debuginfo-32bit-4.2.4-28.14.1 libsmbconf0-debuginfo-4.2.4-28.14.1 libsmbldap0-32bit-4.2.4-28.14.1 libsmbldap0-4.2.4-28.14.1 libsmbldap0-debuginfo-32bit-4.2.4-28.14.1 libsmbldap0-debuginfo-4.2.4-28.14.1 libtevent-util0-32bit-4.2.4-28.14.1 libtevent-util0-4.2.4-28.14.1 libtevent-util0-debuginfo-32bit-4.2.4-28.14.1 libtevent-util0-debuginfo-4.2.4-28.14.1 libwbclient0-32bit-4.2.4-28.14.1 libwbclient0-4.2.4-28.14.1 libwbclient0-debuginfo-32bit-4.2.4-28.14.1 libwbclient0-debuginfo-4.2.4-28.14.1 samba-32bit-4.2.4-28.14.1 samba-4.2.4-28.14.1 samba-client-32bit-4.2.4-28.14.1 samba-client-4.2.4-28.14.1 samba-client-debuginfo-32bit-4.2.4-28.14.1 samba-client-debuginfo-4.2.4-28.14.1 samba-debuginfo-32bit-4.2.4-28.14.1 samba-debuginfo-4.2.4-28.14.1 samba-debugsource-4.2.4-28.14.1 samba-libs-32bit-4.2.4-28.14.1 samba-libs-4.2.4-28.14.1 samba-libs-debuginfo-32bit-4.2.4-28.14.1 samba-libs-debuginfo-4.2.4-28.14.1 samba-winbind-32bit-4.2.4-28.14.1 samba-winbind-4.2.4-28.14.1 samba-winbind-debuginfo-32bit-4.2.4-28.14.1 samba-winbind-debuginfo-4.2.4-28.14.1 References: https://www.suse.com/security/cve/CVE-2017-7494.html https://bugzilla.suse.com/1038231 From sle-security-updates at lists.suse.com Wed May 24 07:10:25 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 24 May 2017 15:10:25 +0200 (CEST) Subject: SUSE-SU-2017:1393-1: important: Security update for samba Message-ID: <20170524131025.90C8F101C6@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1393-1 Rating: important References: #1038231 Cross-References: CVE-2017-7494 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise High Availability 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. [CVE-2017-7494, bso#12780, bsc#1038231] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-853=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-853=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-853=1 - SUSE Linux Enterprise High Availability 12-SP2: zypper in -t patch SUSE-SLE-HA-12-SP2-2017-853=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-853=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libsmbclient-devel-4.4.2-38.6.1 libwbclient-devel-4.4.2-38.6.1 samba-debuginfo-4.4.2-38.6.1 samba-debugsource-4.4.2-38.6.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libdcerpc-binding0-4.4.2-38.6.1 libdcerpc-binding0-debuginfo-4.4.2-38.6.1 libdcerpc0-4.4.2-38.6.1 libdcerpc0-debuginfo-4.4.2-38.6.1 libndr-krb5pac0-4.4.2-38.6.1 libndr-krb5pac0-debuginfo-4.4.2-38.6.1 libndr-nbt0-4.4.2-38.6.1 libndr-nbt0-debuginfo-4.4.2-38.6.1 libndr-standard0-4.4.2-38.6.1 libndr-standard0-debuginfo-4.4.2-38.6.1 libndr0-4.4.2-38.6.1 libndr0-debuginfo-4.4.2-38.6.1 libnetapi0-4.4.2-38.6.1 libnetapi0-debuginfo-4.4.2-38.6.1 libsamba-credentials0-4.4.2-38.6.1 libsamba-credentials0-debuginfo-4.4.2-38.6.1 libsamba-errors0-4.4.2-38.6.1 libsamba-errors0-debuginfo-4.4.2-38.6.1 libsamba-hostconfig0-4.4.2-38.6.1 libsamba-hostconfig0-debuginfo-4.4.2-38.6.1 libsamba-passdb0-4.4.2-38.6.1 libsamba-passdb0-debuginfo-4.4.2-38.6.1 libsamba-util0-4.4.2-38.6.1 libsamba-util0-debuginfo-4.4.2-38.6.1 libsamdb0-4.4.2-38.6.1 libsamdb0-debuginfo-4.4.2-38.6.1 libsmbclient0-4.4.2-38.6.1 libsmbclient0-debuginfo-4.4.2-38.6.1 libsmbconf0-4.4.2-38.6.1 libsmbconf0-debuginfo-4.4.2-38.6.1 libsmbldap0-4.4.2-38.6.1 libsmbldap0-debuginfo-4.4.2-38.6.1 libtevent-util0-4.4.2-38.6.1 libtevent-util0-debuginfo-4.4.2-38.6.1 libwbclient0-4.4.2-38.6.1 libwbclient0-debuginfo-4.4.2-38.6.1 samba-4.4.2-38.6.1 samba-client-4.4.2-38.6.1 samba-client-debuginfo-4.4.2-38.6.1 samba-debuginfo-4.4.2-38.6.1 samba-debugsource-4.4.2-38.6.1 samba-libs-4.4.2-38.6.1 samba-libs-debuginfo-4.4.2-38.6.1 samba-winbind-4.4.2-38.6.1 samba-winbind-debuginfo-4.4.2-38.6.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): samba-doc-4.4.2-38.6.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libdcerpc-binding0-4.4.2-38.6.1 libdcerpc-binding0-debuginfo-4.4.2-38.6.1 libdcerpc0-4.4.2-38.6.1 libdcerpc0-debuginfo-4.4.2-38.6.1 libndr-krb5pac0-4.4.2-38.6.1 libndr-krb5pac0-debuginfo-4.4.2-38.6.1 libndr-nbt0-4.4.2-38.6.1 libndr-nbt0-debuginfo-4.4.2-38.6.1 libndr-standard0-4.4.2-38.6.1 libndr-standard0-debuginfo-4.4.2-38.6.1 libndr0-4.4.2-38.6.1 libndr0-debuginfo-4.4.2-38.6.1 libnetapi0-4.4.2-38.6.1 libnetapi0-debuginfo-4.4.2-38.6.1 libsamba-credentials0-4.4.2-38.6.1 libsamba-credentials0-debuginfo-4.4.2-38.6.1 libsamba-errors0-4.4.2-38.6.1 libsamba-errors0-debuginfo-4.4.2-38.6.1 libsamba-hostconfig0-4.4.2-38.6.1 libsamba-hostconfig0-debuginfo-4.4.2-38.6.1 libsamba-passdb0-4.4.2-38.6.1 libsamba-passdb0-debuginfo-4.4.2-38.6.1 libsamba-util0-4.4.2-38.6.1 libsamba-util0-debuginfo-4.4.2-38.6.1 libsamdb0-4.4.2-38.6.1 libsamdb0-debuginfo-4.4.2-38.6.1 libsmbclient0-4.4.2-38.6.1 libsmbclient0-debuginfo-4.4.2-38.6.1 libsmbconf0-4.4.2-38.6.1 libsmbconf0-debuginfo-4.4.2-38.6.1 libsmbldap0-4.4.2-38.6.1 libsmbldap0-debuginfo-4.4.2-38.6.1 libtevent-util0-4.4.2-38.6.1 libtevent-util0-debuginfo-4.4.2-38.6.1 libwbclient0-4.4.2-38.6.1 libwbclient0-debuginfo-4.4.2-38.6.1 samba-4.4.2-38.6.1 samba-client-4.4.2-38.6.1 samba-client-debuginfo-4.4.2-38.6.1 samba-debuginfo-4.4.2-38.6.1 samba-debugsource-4.4.2-38.6.1 samba-libs-4.4.2-38.6.1 samba-libs-debuginfo-4.4.2-38.6.1 samba-winbind-4.4.2-38.6.1 samba-winbind-debuginfo-4.4.2-38.6.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): samba-doc-4.4.2-38.6.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libdcerpc-binding0-32bit-4.4.2-38.6.1 libdcerpc-binding0-debuginfo-32bit-4.4.2-38.6.1 libdcerpc0-32bit-4.4.2-38.6.1 libdcerpc0-debuginfo-32bit-4.4.2-38.6.1 libndr-krb5pac0-32bit-4.4.2-38.6.1 libndr-krb5pac0-debuginfo-32bit-4.4.2-38.6.1 libndr-nbt0-32bit-4.4.2-38.6.1 libndr-nbt0-debuginfo-32bit-4.4.2-38.6.1 libndr-standard0-32bit-4.4.2-38.6.1 libndr-standard0-debuginfo-32bit-4.4.2-38.6.1 libndr0-32bit-4.4.2-38.6.1 libndr0-debuginfo-32bit-4.4.2-38.6.1 libnetapi0-32bit-4.4.2-38.6.1 libnetapi0-debuginfo-32bit-4.4.2-38.6.1 libsamba-credentials0-32bit-4.4.2-38.6.1 libsamba-credentials0-debuginfo-32bit-4.4.2-38.6.1 libsamba-errors0-32bit-4.4.2-38.6.1 libsamba-errors0-debuginfo-32bit-4.4.2-38.6.1 libsamba-hostconfig0-32bit-4.4.2-38.6.1 libsamba-hostconfig0-debuginfo-32bit-4.4.2-38.6.1 libsamba-passdb0-32bit-4.4.2-38.6.1 libsamba-passdb0-debuginfo-32bit-4.4.2-38.6.1 libsamba-util0-32bit-4.4.2-38.6.1 libsamba-util0-debuginfo-32bit-4.4.2-38.6.1 libsamdb0-32bit-4.4.2-38.6.1 libsamdb0-debuginfo-32bit-4.4.2-38.6.1 libsmbclient0-32bit-4.4.2-38.6.1 libsmbclient0-debuginfo-32bit-4.4.2-38.6.1 libsmbconf0-32bit-4.4.2-38.6.1 libsmbconf0-debuginfo-32bit-4.4.2-38.6.1 libsmbldap0-32bit-4.4.2-38.6.1 libsmbldap0-debuginfo-32bit-4.4.2-38.6.1 libtevent-util0-32bit-4.4.2-38.6.1 libtevent-util0-debuginfo-32bit-4.4.2-38.6.1 libwbclient0-32bit-4.4.2-38.6.1 libwbclient0-debuginfo-32bit-4.4.2-38.6.1 samba-client-32bit-4.4.2-38.6.1 samba-client-debuginfo-32bit-4.4.2-38.6.1 samba-libs-32bit-4.4.2-38.6.1 samba-libs-debuginfo-32bit-4.4.2-38.6.1 samba-winbind-32bit-4.4.2-38.6.1 samba-winbind-debuginfo-32bit-4.4.2-38.6.1 - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64): ctdb-4.4.2-38.6.1 ctdb-debuginfo-4.4.2-38.6.1 samba-debuginfo-4.4.2-38.6.1 samba-debugsource-4.4.2-38.6.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): samba-doc-4.4.2-38.6.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libdcerpc-binding0-32bit-4.4.2-38.6.1 libdcerpc-binding0-4.4.2-38.6.1 libdcerpc-binding0-debuginfo-32bit-4.4.2-38.6.1 libdcerpc-binding0-debuginfo-4.4.2-38.6.1 libdcerpc0-32bit-4.4.2-38.6.1 libdcerpc0-4.4.2-38.6.1 libdcerpc0-debuginfo-32bit-4.4.2-38.6.1 libdcerpc0-debuginfo-4.4.2-38.6.1 libndr-krb5pac0-32bit-4.4.2-38.6.1 libndr-krb5pac0-4.4.2-38.6.1 libndr-krb5pac0-debuginfo-32bit-4.4.2-38.6.1 libndr-krb5pac0-debuginfo-4.4.2-38.6.1 libndr-nbt0-32bit-4.4.2-38.6.1 libndr-nbt0-4.4.2-38.6.1 libndr-nbt0-debuginfo-32bit-4.4.2-38.6.1 libndr-nbt0-debuginfo-4.4.2-38.6.1 libndr-standard0-32bit-4.4.2-38.6.1 libndr-standard0-4.4.2-38.6.1 libndr-standard0-debuginfo-32bit-4.4.2-38.6.1 libndr-standard0-debuginfo-4.4.2-38.6.1 libndr0-32bit-4.4.2-38.6.1 libndr0-4.4.2-38.6.1 libndr0-debuginfo-32bit-4.4.2-38.6.1 libndr0-debuginfo-4.4.2-38.6.1 libnetapi0-32bit-4.4.2-38.6.1 libnetapi0-4.4.2-38.6.1 libnetapi0-debuginfo-32bit-4.4.2-38.6.1 libnetapi0-debuginfo-4.4.2-38.6.1 libsamba-credentials0-32bit-4.4.2-38.6.1 libsamba-credentials0-4.4.2-38.6.1 libsamba-credentials0-debuginfo-32bit-4.4.2-38.6.1 libsamba-credentials0-debuginfo-4.4.2-38.6.1 libsamba-errors0-32bit-4.4.2-38.6.1 libsamba-errors0-4.4.2-38.6.1 libsamba-errors0-debuginfo-32bit-4.4.2-38.6.1 libsamba-errors0-debuginfo-4.4.2-38.6.1 libsamba-hostconfig0-32bit-4.4.2-38.6.1 libsamba-hostconfig0-4.4.2-38.6.1 libsamba-hostconfig0-debuginfo-32bit-4.4.2-38.6.1 libsamba-hostconfig0-debuginfo-4.4.2-38.6.1 libsamba-passdb0-32bit-4.4.2-38.6.1 libsamba-passdb0-4.4.2-38.6.1 libsamba-passdb0-debuginfo-32bit-4.4.2-38.6.1 libsamba-passdb0-debuginfo-4.4.2-38.6.1 libsamba-util0-32bit-4.4.2-38.6.1 libsamba-util0-4.4.2-38.6.1 libsamba-util0-debuginfo-32bit-4.4.2-38.6.1 libsamba-util0-debuginfo-4.4.2-38.6.1 libsamdb0-32bit-4.4.2-38.6.1 libsamdb0-4.4.2-38.6.1 libsamdb0-debuginfo-32bit-4.4.2-38.6.1 libsamdb0-debuginfo-4.4.2-38.6.1 libsmbclient0-32bit-4.4.2-38.6.1 libsmbclient0-4.4.2-38.6.1 libsmbclient0-debuginfo-32bit-4.4.2-38.6.1 libsmbclient0-debuginfo-4.4.2-38.6.1 libsmbconf0-32bit-4.4.2-38.6.1 libsmbconf0-4.4.2-38.6.1 libsmbconf0-debuginfo-32bit-4.4.2-38.6.1 libsmbconf0-debuginfo-4.4.2-38.6.1 libsmbldap0-32bit-4.4.2-38.6.1 libsmbldap0-4.4.2-38.6.1 libsmbldap0-debuginfo-32bit-4.4.2-38.6.1 libsmbldap0-debuginfo-4.4.2-38.6.1 libtevent-util0-32bit-4.4.2-38.6.1 libtevent-util0-4.4.2-38.6.1 libtevent-util0-debuginfo-32bit-4.4.2-38.6.1 libtevent-util0-debuginfo-4.4.2-38.6.1 libwbclient0-32bit-4.4.2-38.6.1 libwbclient0-4.4.2-38.6.1 libwbclient0-debuginfo-32bit-4.4.2-38.6.1 libwbclient0-debuginfo-4.4.2-38.6.1 samba-4.4.2-38.6.1 samba-client-32bit-4.4.2-38.6.1 samba-client-4.4.2-38.6.1 samba-client-debuginfo-32bit-4.4.2-38.6.1 samba-client-debuginfo-4.4.2-38.6.1 samba-debuginfo-4.4.2-38.6.1 samba-debugsource-4.4.2-38.6.1 samba-libs-32bit-4.4.2-38.6.1 samba-libs-4.4.2-38.6.1 samba-libs-debuginfo-32bit-4.4.2-38.6.1 samba-libs-debuginfo-4.4.2-38.6.1 samba-winbind-32bit-4.4.2-38.6.1 samba-winbind-4.4.2-38.6.1 samba-winbind-debuginfo-32bit-4.4.2-38.6.1 samba-winbind-debuginfo-4.4.2-38.6.1 References: https://www.suse.com/security/cve/CVE-2017-7494.html https://bugzilla.suse.com/1038231 From sle-security-updates at lists.suse.com Wed May 24 07:11:31 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 24 May 2017 15:11:31 +0200 (CEST) Subject: SUSE-SU-2017:1396-1: important: Security update for samba Message-ID: <20170524131131.BD746101C9@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1396-1 Rating: important References: #1038231 Cross-References: CVE-2017-7494 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. [CVE-2017-7494, bso#12780, bsc#1038231] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-852=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-852=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): ctdb-4.2.4-18.41.1 ctdb-debuginfo-4.2.4-18.41.1 libdcerpc-binding0-32bit-4.2.4-18.41.1 libdcerpc-binding0-4.2.4-18.41.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-18.41.1 libdcerpc-binding0-debuginfo-4.2.4-18.41.1 libdcerpc0-32bit-4.2.4-18.41.1 libdcerpc0-4.2.4-18.41.1 libdcerpc0-debuginfo-32bit-4.2.4-18.41.1 libdcerpc0-debuginfo-4.2.4-18.41.1 libgensec0-32bit-4.2.4-18.41.1 libgensec0-4.2.4-18.41.1 libgensec0-debuginfo-32bit-4.2.4-18.41.1 libgensec0-debuginfo-4.2.4-18.41.1 libndr-krb5pac0-32bit-4.2.4-18.41.1 libndr-krb5pac0-4.2.4-18.41.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-18.41.1 libndr-krb5pac0-debuginfo-4.2.4-18.41.1 libndr-nbt0-32bit-4.2.4-18.41.1 libndr-nbt0-4.2.4-18.41.1 libndr-nbt0-debuginfo-32bit-4.2.4-18.41.1 libndr-nbt0-debuginfo-4.2.4-18.41.1 libndr-standard0-32bit-4.2.4-18.41.1 libndr-standard0-4.2.4-18.41.1 libndr-standard0-debuginfo-32bit-4.2.4-18.41.1 libndr-standard0-debuginfo-4.2.4-18.41.1 libndr0-32bit-4.2.4-18.41.1 libndr0-4.2.4-18.41.1 libndr0-debuginfo-32bit-4.2.4-18.41.1 libndr0-debuginfo-4.2.4-18.41.1 libnetapi0-32bit-4.2.4-18.41.1 libnetapi0-4.2.4-18.41.1 libnetapi0-debuginfo-32bit-4.2.4-18.41.1 libnetapi0-debuginfo-4.2.4-18.41.1 libregistry0-4.2.4-18.41.1 libregistry0-debuginfo-4.2.4-18.41.1 libsamba-credentials0-32bit-4.2.4-18.41.1 libsamba-credentials0-4.2.4-18.41.1 libsamba-credentials0-debuginfo-32bit-4.2.4-18.41.1 libsamba-credentials0-debuginfo-4.2.4-18.41.1 libsamba-hostconfig0-32bit-4.2.4-18.41.1 libsamba-hostconfig0-4.2.4-18.41.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-18.41.1 libsamba-hostconfig0-debuginfo-4.2.4-18.41.1 libsamba-passdb0-32bit-4.2.4-18.41.1 libsamba-passdb0-4.2.4-18.41.1 libsamba-passdb0-debuginfo-32bit-4.2.4-18.41.1 libsamba-passdb0-debuginfo-4.2.4-18.41.1 libsamba-util0-32bit-4.2.4-18.41.1 libsamba-util0-4.2.4-18.41.1 libsamba-util0-debuginfo-32bit-4.2.4-18.41.1 libsamba-util0-debuginfo-4.2.4-18.41.1 libsamdb0-32bit-4.2.4-18.41.1 libsamdb0-4.2.4-18.41.1 libsamdb0-debuginfo-32bit-4.2.4-18.41.1 libsamdb0-debuginfo-4.2.4-18.41.1 libsmbclient-raw0-32bit-4.2.4-18.41.1 libsmbclient-raw0-4.2.4-18.41.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-18.41.1 libsmbclient-raw0-debuginfo-4.2.4-18.41.1 libsmbclient0-32bit-4.2.4-18.41.1 libsmbclient0-4.2.4-18.41.1 libsmbclient0-debuginfo-32bit-4.2.4-18.41.1 libsmbclient0-debuginfo-4.2.4-18.41.1 libsmbconf0-32bit-4.2.4-18.41.1 libsmbconf0-4.2.4-18.41.1 libsmbconf0-debuginfo-32bit-4.2.4-18.41.1 libsmbconf0-debuginfo-4.2.4-18.41.1 libsmbldap0-32bit-4.2.4-18.41.1 libsmbldap0-4.2.4-18.41.1 libsmbldap0-debuginfo-32bit-4.2.4-18.41.1 libsmbldap0-debuginfo-4.2.4-18.41.1 libtevent-util0-32bit-4.2.4-18.41.1 libtevent-util0-4.2.4-18.41.1 libtevent-util0-debuginfo-32bit-4.2.4-18.41.1 libtevent-util0-debuginfo-4.2.4-18.41.1 libwbclient0-32bit-4.2.4-18.41.1 libwbclient0-4.2.4-18.41.1 libwbclient0-debuginfo-32bit-4.2.4-18.41.1 libwbclient0-debuginfo-4.2.4-18.41.1 samba-32bit-4.2.4-18.41.1 samba-4.2.4-18.41.1 samba-client-32bit-4.2.4-18.41.1 samba-client-4.2.4-18.41.1 samba-client-debuginfo-32bit-4.2.4-18.41.1 samba-client-debuginfo-4.2.4-18.41.1 samba-debuginfo-32bit-4.2.4-18.41.1 samba-debuginfo-4.2.4-18.41.1 samba-debugsource-4.2.4-18.41.1 samba-libs-32bit-4.2.4-18.41.1 samba-libs-4.2.4-18.41.1 samba-libs-debuginfo-32bit-4.2.4-18.41.1 samba-libs-debuginfo-4.2.4-18.41.1 samba-winbind-32bit-4.2.4-18.41.1 samba-winbind-4.2.4-18.41.1 samba-winbind-debuginfo-32bit-4.2.4-18.41.1 samba-winbind-debuginfo-4.2.4-18.41.1 - SUSE Linux Enterprise Server for SAP 12 (noarch): samba-doc-4.2.4-18.41.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): ctdb-4.2.4-18.41.1 ctdb-debuginfo-4.2.4-18.41.1 libdcerpc-binding0-4.2.4-18.41.1 libdcerpc-binding0-debuginfo-4.2.4-18.41.1 libdcerpc0-4.2.4-18.41.1 libdcerpc0-debuginfo-4.2.4-18.41.1 libgensec0-4.2.4-18.41.1 libgensec0-debuginfo-4.2.4-18.41.1 libndr-krb5pac0-4.2.4-18.41.1 libndr-krb5pac0-debuginfo-4.2.4-18.41.1 libndr-nbt0-4.2.4-18.41.1 libndr-nbt0-debuginfo-4.2.4-18.41.1 libndr-standard0-4.2.4-18.41.1 libndr-standard0-debuginfo-4.2.4-18.41.1 libndr0-4.2.4-18.41.1 libndr0-debuginfo-4.2.4-18.41.1 libnetapi0-4.2.4-18.41.1 libnetapi0-debuginfo-4.2.4-18.41.1 libregistry0-4.2.4-18.41.1 libregistry0-debuginfo-4.2.4-18.41.1 libsamba-credentials0-4.2.4-18.41.1 libsamba-credentials0-debuginfo-4.2.4-18.41.1 libsamba-hostconfig0-4.2.4-18.41.1 libsamba-hostconfig0-debuginfo-4.2.4-18.41.1 libsamba-passdb0-4.2.4-18.41.1 libsamba-passdb0-debuginfo-4.2.4-18.41.1 libsamba-util0-4.2.4-18.41.1 libsamba-util0-debuginfo-4.2.4-18.41.1 libsamdb0-4.2.4-18.41.1 libsamdb0-debuginfo-4.2.4-18.41.1 libsmbclient-raw0-4.2.4-18.41.1 libsmbclient-raw0-debuginfo-4.2.4-18.41.1 libsmbclient0-4.2.4-18.41.1 libsmbclient0-debuginfo-4.2.4-18.41.1 libsmbconf0-4.2.4-18.41.1 libsmbconf0-debuginfo-4.2.4-18.41.1 libsmbldap0-4.2.4-18.41.1 libsmbldap0-debuginfo-4.2.4-18.41.1 libtevent-util0-4.2.4-18.41.1 libtevent-util0-debuginfo-4.2.4-18.41.1 libwbclient0-4.2.4-18.41.1 libwbclient0-debuginfo-4.2.4-18.41.1 samba-4.2.4-18.41.1 samba-client-4.2.4-18.41.1 samba-client-debuginfo-4.2.4-18.41.1 samba-debuginfo-4.2.4-18.41.1 samba-debugsource-4.2.4-18.41.1 samba-libs-4.2.4-18.41.1 samba-libs-debuginfo-4.2.4-18.41.1 samba-winbind-4.2.4-18.41.1 samba-winbind-debuginfo-4.2.4-18.41.1 - SUSE Linux Enterprise Server 12-LTSS (s390x x86_64): libdcerpc-binding0-32bit-4.2.4-18.41.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-18.41.1 libdcerpc0-32bit-4.2.4-18.41.1 libdcerpc0-debuginfo-32bit-4.2.4-18.41.1 libgensec0-32bit-4.2.4-18.41.1 libgensec0-debuginfo-32bit-4.2.4-18.41.1 libndr-krb5pac0-32bit-4.2.4-18.41.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-18.41.1 libndr-nbt0-32bit-4.2.4-18.41.1 libndr-nbt0-debuginfo-32bit-4.2.4-18.41.1 libndr-standard0-32bit-4.2.4-18.41.1 libndr-standard0-debuginfo-32bit-4.2.4-18.41.1 libndr0-32bit-4.2.4-18.41.1 libndr0-debuginfo-32bit-4.2.4-18.41.1 libnetapi0-32bit-4.2.4-18.41.1 libnetapi0-debuginfo-32bit-4.2.4-18.41.1 libsamba-credentials0-32bit-4.2.4-18.41.1 libsamba-credentials0-debuginfo-32bit-4.2.4-18.41.1 libsamba-hostconfig0-32bit-4.2.4-18.41.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-18.41.1 libsamba-passdb0-32bit-4.2.4-18.41.1 libsamba-passdb0-debuginfo-32bit-4.2.4-18.41.1 libsamba-util0-32bit-4.2.4-18.41.1 libsamba-util0-debuginfo-32bit-4.2.4-18.41.1 libsamdb0-32bit-4.2.4-18.41.1 libsamdb0-debuginfo-32bit-4.2.4-18.41.1 libsmbclient-raw0-32bit-4.2.4-18.41.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-18.41.1 libsmbclient0-32bit-4.2.4-18.41.1 libsmbclient0-debuginfo-32bit-4.2.4-18.41.1 libsmbconf0-32bit-4.2.4-18.41.1 libsmbconf0-debuginfo-32bit-4.2.4-18.41.1 libsmbldap0-32bit-4.2.4-18.41.1 libsmbldap0-debuginfo-32bit-4.2.4-18.41.1 libtevent-util0-32bit-4.2.4-18.41.1 libtevent-util0-debuginfo-32bit-4.2.4-18.41.1 libwbclient0-32bit-4.2.4-18.41.1 libwbclient0-debuginfo-32bit-4.2.4-18.41.1 samba-32bit-4.2.4-18.41.1 samba-client-32bit-4.2.4-18.41.1 samba-client-debuginfo-32bit-4.2.4-18.41.1 samba-debuginfo-32bit-4.2.4-18.41.1 samba-libs-32bit-4.2.4-18.41.1 samba-libs-debuginfo-32bit-4.2.4-18.41.1 samba-winbind-32bit-4.2.4-18.41.1 samba-winbind-debuginfo-32bit-4.2.4-18.41.1 - SUSE Linux Enterprise Server 12-LTSS (noarch): samba-doc-4.2.4-18.41.1 References: https://www.suse.com/security/cve/CVE-2017-7494.html https://bugzilla.suse.com/1038231 From sle-security-updates at lists.suse.com Wed May 24 13:10:57 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 24 May 2017 21:10:57 +0200 (CEST) Subject: SUSE-SU-2017:1398-1: moderate: Security update for pam Message-ID: <20170524191057.9B5CB101C9@maintenance.suse.de> SUSE Security Update: Security update for pam ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1398-1 Rating: moderate References: #1015565 #1037824 #934920 Cross-References: CVE-2015-3238 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for pam fixes the following issues: - CVE-2015-3238: pam_unix in conjunction with SELinux allowed for DoS attacks (bsc#934920). - log a hint to syslog if /etc/nologin is present, but empty (bsc#1015565). - If /etc/nologin is present, but empty, log a hint to syslog. (bsc#1015565) - Added support for libowcrypt.so, if present, to configure support for BLOWFISH (bsc#1037824) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-865=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-865=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-865=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-865=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-865=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-865=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-865=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-865=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): pam-debuginfo-1.1.8-23.1 pam-debugsource-1.1.8-23.1 pam-devel-1.1.8-23.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): pam-debuginfo-1.1.8-23.1 pam-debugsource-1.1.8-23.1 pam-devel-1.1.8-23.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): pam-1.1.8-23.1 pam-debuginfo-1.1.8-23.1 pam-debugsource-1.1.8-23.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): pam-doc-1.1.8-23.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): pam-1.1.8-23.1 pam-debuginfo-1.1.8-23.1 pam-debugsource-1.1.8-23.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): pam-32bit-1.1.8-23.1 pam-debuginfo-32bit-1.1.8-23.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): pam-doc-1.1.8-23.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): pam-1.1.8-23.1 pam-debuginfo-1.1.8-23.1 pam-debugsource-1.1.8-23.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): pam-32bit-1.1.8-23.1 pam-debuginfo-32bit-1.1.8-23.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): pam-doc-1.1.8-23.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): pam-1.1.8-23.1 pam-32bit-1.1.8-23.1 pam-debuginfo-1.1.8-23.1 pam-debuginfo-32bit-1.1.8-23.1 pam-debugsource-1.1.8-23.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): pam-doc-1.1.8-23.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): pam-1.1.8-23.1 pam-32bit-1.1.8-23.1 pam-debuginfo-1.1.8-23.1 pam-debuginfo-32bit-1.1.8-23.1 pam-debugsource-1.1.8-23.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): pam-doc-1.1.8-23.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): pam-1.1.8-23.1 pam-debuginfo-1.1.8-23.1 pam-debugsource-1.1.8-23.1 References: https://www.suse.com/security/cve/CVE-2015-3238.html https://bugzilla.suse.com/1015565 https://bugzilla.suse.com/1037824 https://bugzilla.suse.com/934920 From sle-security-updates at lists.suse.com Wed May 24 13:12:03 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 24 May 2017 21:12:03 +0200 (CEST) Subject: SUSE-SU-2017:1400-1: important: Security update for java-1_7_0-openjdk Message-ID: <20170524191203.54C62101C7@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1400-1 Rating: important References: #1034849 Cross-References: CVE-2017-3289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3512 CVE-2017-3514 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: This update for java-1_7_0-openjdk fixes the following issues: - Update to 2.6.10 - OpenJDK 7u141 (bsc#1034849) * Security fixes - S8163520, CVE-2017-3509: Reuse cache entries - S8163528, CVE-2017-3511: Better library loading - S8165626, CVE-2017-3512: Improved window framing - S8167110, CVE-2017-3514: Windows peering issue - S8169011, CVE-2017-3526: Resizing XML parse trees - S8170222, CVE-2017-3533: Better transfers of files - S8171121, CVE-2017-3539: Enhancing jar checking - S8171533, CVE-2017-3544: Better email transfer - S8172299: Improve class processing * New features - PR3347: jstack.stp should support AArch64 * Import of OpenJDK 7 u141 build 0 - S4717864: setFont() does not update Fonts of Menus already on screen - S6474807: (smartcardio) CardTerminal.connect() throws CardException instead of CardNotPresentException - S6518907: cleanup IA64 specific code in Hotspot - S6869327: Add new C2 flag to keep safepoints in counted loops. - S7112912: Message "Error occurred during initialization of VM" on boxes with lots of RAM - S7124213: [macosx] pack() does ignore size of a component; doesn't on the other platforms - S7124219: [macosx] Unable to draw images to fullscreen - S7124552: [macosx] NullPointerException in getBufferStrategy() - S7148275: [macosx] setIconImages() not working correctly (distorted icon when minimized) - S7154841: [macosx] Popups appear behind taskbar - S7155957: closed/java/awt/MenuBar/MenuBarStress1/MenuBarStress1.java hangs on win 64 bit with jdk8 - S7160627: [macosx] TextArea has wrong initial size - S7167293: FtpURLConnection connection leak on FileNotFoundException - S7168851: [macosx] Netbeans crashes in CImage.nativeCreateNSImageFromArray - S7197203: sun/misc/URLClassPath/ClassnameCharTest.sh failed, compile error - S8005255: [macosx] Cleanup warnings in sun.lwawt - S8006088: Incompatible heap size flags accepted by VM - S8007295: Reduce number of warnings in awt classes - S8010722: assert: failed: heap size is too big for compressed oops - S8011059: [macosx] Support automatic @2x images loading on Mac OS X - S8014058: Regression tests for 8006088 - S8014489: tests/gc/arguments/Test(Serial|CMS|Parallel|G1)HeapSizeFlags jtreg tests invoke wrong class - S8016302: Change type of the number of GC workers to unsigned int (2) - S8024662: gc/arguments/TestUseCompressedOopsErgo.java does not compile. - S8024669: Native OOME when allocating after changes to maximum heap supporting Coops sizing on sparcv9 - S8024926: [macosx] AquaIcon HiDPI support - S8025974: l10n for policytool - S8027025: [macosx] getLocationOnScreen returns 0 if parent invisible - S8028212: Custom cursor HiDPI support - S8028471: PPC64 (part 215): opto: Extend ImplicitNullCheck optimization. - S8031573: [macosx] Checkmarks of JCheckBoxMenuItems aren't rendered in high resolution on Retina - S8033534: [macosx] Get MultiResolution image from native system - S8033786: White flashing when opening Dialogs and Menus using Nimbus with dark background - S8035568: [macosx] Cursor management unification - S8041734: JFrame in full screen mode leaves empty workspace after close - S8059803: Update use of GetVersionEx to get correct Windows version in hs_err files - S8066504: GetVersionEx in java.base/windows/native/libjava/java_props_md.c might not get correct Windows version 0 - S8079595: Resizing dialog which is JWindow parent makes JVM crash - S8080729: [macosx] java 7 and 8 JDialogs on multiscreen jump to parent frame on focus - S8130769: The new menu can't be shown on the menubar after clicking the "Add" button. - S8133357: 8u65 l10n resource file translation update - S8146602: jdk/test/sun/misc/URLClassPath/ClassnameCharTest.java test fails with NullPointerException - S8147842: IME Composition Window is displayed at incorrect location - S8147910: Cache initial active_processor_count - S8150490: Update OS detection code to recognize Windows Server 2016 - S8161147: jvm crashes when -XX:+UseCountedLoopSafepoints is enabled - S8161195: Regression: closed/javax/swing/text/FlowView/LayoutTest.java - S8161993: G1 crashes if active_processor_count changes during startup - S8162603: Unrecognized VM option 'UseCountedLoopSafepoints' - S8162876: [TEST_BUG] sun/net/www/protocol/http/HttpInputStream.java fails intermittently - S8164533: sun/security/ssl/SSLSocketImpl/CloseSocket.java failed with "Error while cleaning up threads after test" - S8167179: Make XSL generated namespace prefixes local to transformation process - S8169465: Deadlock in com.sun.jndi.ldap.pool.Connections - S8169589: [macosx] Activating a JDialog puts to back another dialog - S8170307: Stack size option -Xss is ignored - S8170316: (tz) Support tzdata2016j - S8170814: Reuse cache entries (part II) - S8171388: Update JNDI Thread contexts - S8171949: [macosx] AWT_ZoomFrame Automated tests fail with error: The bitwise mask Frame.ICONIFIED is not setwhen the frame is in ICONIFIED state - S8171952: [macosx] AWT_Modality/Automated/ModalExclusion/NoExclusion/ModelessDialog test fails as DummyButton on Dialog did not gain focus when clicked. - S8173931: 8u131 L10n resource file update - S8174844: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle - S8175087: [bsd] Fix build after "8024900: PPC64: Enable new build on AIX (jdk part)" - S8175163: [bsd] Fix build after "8005629: javac warnings compiling java.awt.EventDispatchThread..." - S8176044: (tz) Support tzdata2017a * Import of OpenJDK 7 u141 build 1 - S8043723: max_heap_for_compressed_oops() declared with size_t, but defined with uintx * Import of OpenJDK 7 u141 build 2 - S8011123: serialVersionUID of java.awt.dnd.InvalidDnDOperationException changed in JDK8-b82 * Backports - S6515172, PR3362: Runtime.availableProcessors() ignores Linux taskset command - S8022284, PR3209: Hide internal data structure in PhaseCFG - S8023003, PR3209: Cleanup the public interface to PhaseCFG - S8023691, PR3209: Create interface for nodes in class Block - S8023988, PR3209: Move local scheduling of nodes to the CFG creation and code motion phase (PhaseCFG) - S8043780, PR3369: Use open(O_CLOEXEC) instead of fcntl(FD_CLOEXEC) - S8157306, PR3209: Random infrequent null pointer exceptions in javac - S8173783, PR3329: IllegalArgumentException: jdk.tls.namedGroups - S8173941, PR3330: SA does not work if executable is DSO - S8174729, PR3361: Race Condition in java.lang.reflect.WeakCache * Bug fixes - PR3349: Architectures unsupported by SystemTap tapsets throw a parse error - PR3370: Disable ARM32 JIT by default in jdk_generic_profile.sh - PR3379: Perl should be mandatory - PR3390: javac.in and javah.in should use @PERL@ rather than a hardcoded path * CACAO - PR2732: Raise javadoc memory limits for CACAO again! * AArch64 port - S8177661, PR3367: Correct ad rule output register types from iRegX to iRegXNoSp - Get ecj.jar path from gcj, use the gcc variant that provides Java to build C code to make sure jni.h is available. - S8167104, CVE-2017-3289: Additional class construction - S6253144: Long narrowing conversion should describe the - S6328537: Improve javadocs for Socket class by adding - S6978886: javadoc shows stacktrace after print error - S6995421: Eliminate the static dependency to - S7027045: (doc) java/awt/Window.java has several typos in - S7054969: Null-check-in-finally pattern in java/security - S7072353: JNDI libraries do not build with javac -Xlint:all - S7092447: Clarify the default locale used in each locale - S7103570: AtomicIntegerFieldUpdater does not work when - S7187144: JavaDoc for ScriptEngineFactory.getProgram() - S8000418: javadoc should used a standard "generated by - S8000666: javadoc should write directly to Writer instead of - S8000970: break out auxiliary classes that will prevent - S8001669: javadoc internal DocletAbortException should set - S8011402: Move blacklisting certificate logic from hard code - S8011547: Update XML Signature implementation to Apache - S8012288: XML DSig API allows wrong tag names and extra - S8017325: Cleanup of the javadoc tag in - S8017326: Cleanup of the javadoc tag in - S8019772: Fix doclint issues in javax.crypto and - S8020688: Broken links in documentation at - S8021108: Clean up doclint warnings and errors in java.text - S8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods - S8025409: Fix javadoc comments errors and warning reported by - S8026021: more fix of javadoc errors and warnings reported by - S8037099: [macosx] Remove all references to GC from native - S8038184: XMLSignature throws StringIndexOutOfBoundsException - S8038349: Signing XML with DSA throws Exception when key is - S8049244: XML Signature performance issue caused by - S8050893: (smartcardio) Invert reset argument in tests in - S8059212: Modify sun/security/smartcardio manual regression - S8068279: (typo in the spec) - S8068491: Update the protocol for references of - S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs - S8076369: Introduce the jdk.tls.client.protocols system - S8139565: Restrict certificates with DSA keys less than 1024 - S8140422: Add mechanism to allow non default root CAs to be - S8140587: Atomic*FieldUpdaters should use Class.isInstance - S8149029: Secure validation of XML based digital signature - S8151893: Add security property to configure XML Signature - S8161228: URL objects with custom protocol handlers have port - S8163304: jarsigner -verbose -verify should print the - S8164908: ReflectionFactory support for IIOP and custom - S8165230: RMIConnection addNotificationListeners failing with - S8166393: disabledAlgorithms property should not be strictly - S8166591: [macos 10.12] Trackpad scrolling of text on OS X - S8166739: Improve extensibility of ObjectInputFilter - S8167356: Follow up fix for jdk8 backport of 8164143. Changes - S8167459: Add debug output for indicating if a chosen - S8168861: AnchorCertificates uses hardcoded password for - S8169688: Backout (remove) MD5 from - S8169911: Enhanced tests for jarsigner -verbose -verify after - S8170131: Certificates not being blocked by - S8173854: [TEST] Update DHEKeySizing test case following - S7102489, PR3316, RH1390708: RFE: cleanup jlong typedef on - S8000351, PR3316, RH1390708: Tenuring threshold should be - S8153711, PR3315, RH1284948: [REDO] JDWP: Memory Leak: - S8170888, PR3316, RH1390708: [linux] Experimental support for - PR3318: Replace 'infinality' with 'improved font rendering' - PR3324: Fix NSS_LIBDIR substitution in - S8165673, PR3320: AArch64: Fix JNI floating point argument + S6604109, PR3162: - Add -fno-delete-null-pointer-checks -fno-lifetime-dse to try to directory to be specified versions of IcedTea Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-864=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-864=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-864=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-864=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-864=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): java-1_7_0-openjdk-1.7.0.141-42.1 java-1_7_0-openjdk-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-debugsource-1.7.0.141-42.1 java-1_7_0-openjdk-demo-1.7.0.141-42.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-devel-1.7.0.141-42.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-headless-1.7.0.141-42.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.141-42.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): java-1_7_0-openjdk-1.7.0.141-42.1 java-1_7_0-openjdk-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-debugsource-1.7.0.141-42.1 java-1_7_0-openjdk-demo-1.7.0.141-42.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-devel-1.7.0.141-42.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-headless-1.7.0.141-42.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.141-42.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_7_0-openjdk-1.7.0.141-42.1 java-1_7_0-openjdk-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-debugsource-1.7.0.141-42.1 java-1_7_0-openjdk-demo-1.7.0.141-42.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-devel-1.7.0.141-42.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-headless-1.7.0.141-42.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.141-42.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): java-1_7_0-openjdk-1.7.0.141-42.1 java-1_7_0-openjdk-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-debugsource-1.7.0.141-42.1 java-1_7_0-openjdk-headless-1.7.0.141-42.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.141-42.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): java-1_7_0-openjdk-1.7.0.141-42.1 java-1_7_0-openjdk-debuginfo-1.7.0.141-42.1 java-1_7_0-openjdk-debugsource-1.7.0.141-42.1 java-1_7_0-openjdk-headless-1.7.0.141-42.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.141-42.1 References: https://www.suse.com/security/cve/CVE-2017-3289.html https://www.suse.com/security/cve/CVE-2017-3509.html https://www.suse.com/security/cve/CVE-2017-3511.html https://www.suse.com/security/cve/CVE-2017-3512.html https://www.suse.com/security/cve/CVE-2017-3514.html https://www.suse.com/security/cve/CVE-2017-3526.html https://www.suse.com/security/cve/CVE-2017-3533.html https://www.suse.com/security/cve/CVE-2017-3539.html https://www.suse.com/security/cve/CVE-2017-3544.html https://bugzilla.suse.com/1034849 From sle-security-updates at lists.suse.com Wed May 24 13:13:32 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 24 May 2017 21:13:32 +0200 (CEST) Subject: SUSE-SU-2017:1404-1: important: Security update for ghostscript Message-ID: <20170524191332.85EB3101C7@maintenance.suse.de> SUSE Security Update: Security update for ghostscript ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1404-1 Rating: important References: #1018128 #1030263 #1032114 #1032120 #1036453 Cross-References: CVE-2016-10220 CVE-2016-9601 CVE-2017-5951 CVE-2017-7207 CVE-2017-8291 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update for ghostscript fixes the following security vulnerabilities: - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. (bsc#1036453) - CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to cause a Denial-of-Service. (bsc#1018128) - CVE-2016-10220: A NULL pointer dereference in the PDF Transparency module allowed remote attackers to cause a Denial-of-Service. (bsc#1032120) - CVE-2017-5951: A NULL pointer dereference allowed remote attackers to cause a denial of service via a crafted PostScript document. (bsc#1032114) - CVE-2017-7207: A NULL pointer dereference allowed remote attackers to cause a denial of service via a crafted PostScript document. (bsc#1030263) This is a reissue of the previous update to also include SUSE Linux Enterprise 12 GA LTSS packages. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-866=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-866=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-866=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-866=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-866=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-866=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-866=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-866=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-866=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): ghostscript-debuginfo-9.15-22.1 ghostscript-debugsource-9.15-22.1 ghostscript-devel-9.15-22.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): ghostscript-debuginfo-9.15-22.1 ghostscript-debugsource-9.15-22.1 ghostscript-devel-9.15-22.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): ghostscript-9.15-22.1 ghostscript-debuginfo-9.15-22.1 ghostscript-debugsource-9.15-22.1 ghostscript-x11-9.15-22.1 ghostscript-x11-debuginfo-9.15-22.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): ghostscript-9.15-22.1 ghostscript-debuginfo-9.15-22.1 ghostscript-debugsource-9.15-22.1 ghostscript-x11-9.15-22.1 ghostscript-x11-debuginfo-9.15-22.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): ghostscript-9.15-22.1 ghostscript-debuginfo-9.15-22.1 ghostscript-debugsource-9.15-22.1 ghostscript-x11-9.15-22.1 ghostscript-x11-debuginfo-9.15-22.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): ghostscript-9.15-22.1 ghostscript-debuginfo-9.15-22.1 ghostscript-debugsource-9.15-22.1 ghostscript-x11-9.15-22.1 ghostscript-x11-debuginfo-9.15-22.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): ghostscript-9.15-22.1 ghostscript-debuginfo-9.15-22.1 ghostscript-debugsource-9.15-22.1 ghostscript-x11-9.15-22.1 ghostscript-x11-debuginfo-9.15-22.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): ghostscript-9.15-22.1 ghostscript-debuginfo-9.15-22.1 ghostscript-debugsource-9.15-22.1 ghostscript-x11-9.15-22.1 ghostscript-x11-debuginfo-9.15-22.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): ghostscript-9.15-22.1 ghostscript-debuginfo-9.15-22.1 ghostscript-debugsource-9.15-22.1 ghostscript-x11-9.15-22.1 ghostscript-x11-debuginfo-9.15-22.1 References: https://www.suse.com/security/cve/CVE-2016-10220.html https://www.suse.com/security/cve/CVE-2016-9601.html https://www.suse.com/security/cve/CVE-2017-5951.html https://www.suse.com/security/cve/CVE-2017-7207.html https://www.suse.com/security/cve/CVE-2017-8291.html https://bugzilla.suse.com/1018128 https://bugzilla.suse.com/1030263 https://bugzilla.suse.com/1032114 https://bugzilla.suse.com/1032120 https://bugzilla.suse.com/1036453 From sle-security-updates at lists.suse.com Thu May 25 10:09:54 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 25 May 2017 18:09:54 +0200 (CEST) Subject: SUSE-SU-2017:1411-1: moderate: Security update for squidGuard Message-ID: <20170525160954.465C1101C7@maintenance.suse.de> SUSE Security Update: Security update for squidGuard ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1411-1 Rating: moderate References: #985612 Cross-References: CVE-2015-8936 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: squidGuard was updated to fix one security issue: - CVE-2015-8936: Reflected cross site scripting vulnerability because of insufficient escaping (bsc#985612). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-868=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-868=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): squidGuard-1.4-29.1 squidGuard-debuginfo-1.4-29.1 squidGuard-debugsource-1.4-29.1 squidGuard-doc-1.4-29.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): squidGuard-1.4-29.1 squidGuard-debuginfo-1.4-29.1 squidGuard-debugsource-1.4-29.1 squidGuard-doc-1.4-29.1 References: https://www.suse.com/security/cve/CVE-2015-8936.html https://bugzilla.suse.com/985612 From sle-security-updates at lists.suse.com Mon May 29 04:09:24 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 29 May 2017 12:09:24 +0200 (CEST) Subject: SUSE-SU-2017:1432-1: moderate: Security update for git Message-ID: <20170529100924.7358C101CC@maintenance.suse.de> SUSE Security Update: Security update for git ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1432-1 Rating: moderate References: #1038395 Cross-References: CVE-2017-8386 Affected Products: SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for git fixes the following issue: - CVE-2017-8386: git shell, may allow a user who comes over SSH to run an interactive pager by causing it to spawn "git upload-pack --help" (bsc#1038395): Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-git-13129=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-git-13129=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-git-13129=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): git-1.7.12.4-0.17.1 git-core-1.7.12.4-0.17.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): git-1.7.12.4-0.17.1 git-arch-1.7.12.4-0.17.1 git-core-1.7.12.4-0.17.1 git-cvs-1.7.12.4-0.17.1 git-daemon-1.7.12.4-0.17.1 git-email-1.7.12.4-0.17.1 git-gui-1.7.12.4-0.17.1 git-svn-1.7.12.4-0.17.1 git-web-1.7.12.4-0.17.1 gitk-1.7.12.4-0.17.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): git-debuginfo-1.7.12.4-0.17.1 git-debugsource-1.7.12.4-0.17.1 References: https://www.suse.com/security/cve/CVE-2017-8386.html https://bugzilla.suse.com/1038395 From sle-security-updates at lists.suse.com Tue May 30 10:09:50 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 30 May 2017 18:09:50 +0200 (CEST) Subject: SUSE-SU-2017:1441-1: moderate: Security update for postgresql93 Message-ID: <20170530160950.D9575101CB@maintenance.suse.de> SUSE Security Update: Security update for postgresql93 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1441-1 Rating: moderate References: #1029547 #1037603 #1037624 #1038293 Cross-References: CVE-2017-7484 CVE-2017-7485 CVE-2017-7486 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for postgresql93 fixes the following issues: The PostgreSQL package was updated to 9.3.17, bringing various bug and security fixes. Bug fixes: - bsc#1029547: Fix tests with timezone 2017a - CVE-2017-7486: Restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1037624) - CVE-2017-7485: Recognize PGREQUIRESSL variable again. (bsc#1038293) - CVE-2017-7484: Prevent exposure of statistical information via leaky operators. (bsc#1037603) More details can be found in the PostgreSQL release announcements: - https://www.postgresql.org/docs/9.3/static/release-9-3-17.html - https://www.postgresql.org/docs/9.3/static/release-9-3-16.html - https://www.postgresql.org/docs/9.3/static/release-9-3-15.html Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-881=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-881=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): postgresql93-9.3.17-24.2 postgresql93-contrib-9.3.17-24.2 postgresql93-contrib-debuginfo-9.3.17-24.2 postgresql93-debuginfo-9.3.17-24.2 postgresql93-debugsource-9.3.17-24.2 postgresql93-server-9.3.17-24.2 postgresql93-server-debuginfo-9.3.17-24.2 - SUSE Linux Enterprise Server for SAP 12 (noarch): postgresql93-docs-9.3.17-24.2 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): postgresql93-9.3.17-24.2 postgresql93-contrib-9.3.17-24.2 postgresql93-contrib-debuginfo-9.3.17-24.2 postgresql93-debuginfo-9.3.17-24.2 postgresql93-debugsource-9.3.17-24.2 postgresql93-server-9.3.17-24.2 postgresql93-server-debuginfo-9.3.17-24.2 - SUSE Linux Enterprise Server 12-LTSS (noarch): postgresql93-docs-9.3.17-24.2 References: https://www.suse.com/security/cve/CVE-2017-7484.html https://www.suse.com/security/cve/CVE-2017-7485.html https://www.suse.com/security/cve/CVE-2017-7486.html https://bugzilla.suse.com/1029547 https://bugzilla.suse.com/1037603 https://bugzilla.suse.com/1037624 https://bugzilla.suse.com/1038293 From sle-security-updates at lists.suse.com Tue May 30 10:10:38 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 30 May 2017 18:10:38 +0200 (CEST) Subject: SUSE-SU-2017:1442-1: moderate: Security update for wireshark Message-ID: <20170530161038.A7E8C101C9@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1442-1 Rating: moderate References: #1002981 #1010735 #1010740 #1010752 #1010754 #1010911 #1021739 #1025913 #1026507 #1027692 #1027998 #1033936 #1033937 #1033938 #1033939 #1033940 #1033941 #1033942 #1033943 #1033944 #1033945 #990856 #998761 #998762 #998763 #998800 #998963 #998964 Cross-References: CVE-2016-6354 CVE-2016-7175 CVE-2016-7176 CVE-2016-7177 CVE-2016-7178 CVE-2016-7179 CVE-2016-7180 CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376 CVE-2017-5596 CVE-2017-5597 CVE-2017-6014 CVE-2017-7700 CVE-2017-7701 CVE-2017-7702 CVE-2017-7703 CVE-2017-7704 CVE-2017-7705 CVE-2017-7745 CVE-2017-7746 CVE-2017-7747 CVE-2017-7748 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves 24 vulnerabilities and has four fixes is now available. Description: Wireshark was updated to version 2.2.6, which brings several new features, enhancements and bug fixes. Thses security issues were fixed: - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size (bsc#1033936) - CVE-2017-7701: In Wireshark the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type (bsc#1033937) - CVE-2017-7702: In Wireshark the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation (bsc#1033938) - CVE-2017-7703: In Wireshark the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly (bsc#1033939) - CVE-2017-7704: In Wireshark the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value (bsc#1033940) - CVE-2017-7705: In Wireshark the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset (bsc#1033941) - CVE-2017-7745: In Wireshark the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check (bsc#1033942) - CVE-2017-7746: In Wireshark the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length (bsc#1033943) - CVE-2017-7747: In Wireshark the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree (bsc#1033944) - CVE-2017-7748: In Wireshark the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check (bsc#1033945) - CVE-2017-6014: In Wireshark a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory (bsc#1025913) - CVE-2017-5596: In Wireshark the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow (bsc#1021739) - CVE-2017-5597: In Wireshark the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow (bsc#1021739) - CVE-2016-9376: In Wireshark the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large (bsc#1010735) - CVE-2016-9375: In Wireshark the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful (bsc#1010740) - CVE-2016-9374: In Wireshark the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable (bsc#1010752) - CVE-2016-9373: In Wireshark the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings (bsc#1010754) - CVE-2016-7180: epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark did not properly consider whether a string is constant, which allowed remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet (bsc#998800) - CVE-2016-7179: Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark allowed remote attackers to cause a denial of service (application crash) via a crafted packet (bsc#998963) - CVE-2016-7178: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark did not ensure that memory is allocated for certain data structures, which allowed remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet (bsc#998964) - CVE-2016-7177: epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark did not restrict the number of channels, which allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet (bsc#998763) - CVE-2016-7176: epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark called snprintf with one of its input buffers as the output buffer, which allowed remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet (bsc#998762) - CVE-2016-7175: epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark mishandled MAC address data, which allowed remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet (bsc#998761) - CVE-2016-6354: Heap-based buffer overflow in the yy_get_next_buffer function in Flex might have allowed context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read (bsc#990856). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-883=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-883=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-883=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-883=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-883=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-883=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-883=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): wireshark-debuginfo-2.2.6-44.3 wireshark-debugsource-2.2.6-44.3 wireshark-devel-2.2.6-44.3 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): wireshark-debuginfo-2.2.6-44.3 wireshark-debugsource-2.2.6-44.3 wireshark-devel-2.2.6-44.3 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libwireshark8-2.2.6-44.3 libwireshark8-debuginfo-2.2.6-44.3 libwiretap6-2.2.6-44.3 libwiretap6-debuginfo-2.2.6-44.3 libwscodecs1-2.2.6-44.3 libwscodecs1-debuginfo-2.2.6-44.3 libwsutil7-2.2.6-44.3 libwsutil7-debuginfo-2.2.6-44.3 wireshark-2.2.6-44.3 wireshark-debuginfo-2.2.6-44.3 wireshark-debugsource-2.2.6-44.3 wireshark-gtk-2.2.6-44.3 wireshark-gtk-debuginfo-2.2.6-44.3 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libwireshark8-2.2.6-44.3 libwireshark8-debuginfo-2.2.6-44.3 libwiretap6-2.2.6-44.3 libwiretap6-debuginfo-2.2.6-44.3 libwscodecs1-2.2.6-44.3 libwscodecs1-debuginfo-2.2.6-44.3 libwsutil7-2.2.6-44.3 libwsutil7-debuginfo-2.2.6-44.3 wireshark-2.2.6-44.3 wireshark-debuginfo-2.2.6-44.3 wireshark-debugsource-2.2.6-44.3 wireshark-gtk-2.2.6-44.3 wireshark-gtk-debuginfo-2.2.6-44.3 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libwireshark8-2.2.6-44.3 libwireshark8-debuginfo-2.2.6-44.3 libwiretap6-2.2.6-44.3 libwiretap6-debuginfo-2.2.6-44.3 libwscodecs1-2.2.6-44.3 libwscodecs1-debuginfo-2.2.6-44.3 libwsutil7-2.2.6-44.3 libwsutil7-debuginfo-2.2.6-44.3 wireshark-2.2.6-44.3 wireshark-debuginfo-2.2.6-44.3 wireshark-debugsource-2.2.6-44.3 wireshark-gtk-2.2.6-44.3 wireshark-gtk-debuginfo-2.2.6-44.3 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libwireshark8-2.2.6-44.3 libwireshark8-debuginfo-2.2.6-44.3 libwiretap6-2.2.6-44.3 libwiretap6-debuginfo-2.2.6-44.3 libwscodecs1-2.2.6-44.3 libwscodecs1-debuginfo-2.2.6-44.3 libwsutil7-2.2.6-44.3 libwsutil7-debuginfo-2.2.6-44.3 wireshark-2.2.6-44.3 wireshark-debuginfo-2.2.6-44.3 wireshark-debugsource-2.2.6-44.3 wireshark-gtk-2.2.6-44.3 wireshark-gtk-debuginfo-2.2.6-44.3 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libwireshark8-2.2.6-44.3 libwireshark8-debuginfo-2.2.6-44.3 libwiretap6-2.2.6-44.3 libwiretap6-debuginfo-2.2.6-44.3 libwscodecs1-2.2.6-44.3 libwscodecs1-debuginfo-2.2.6-44.3 libwsutil7-2.2.6-44.3 libwsutil7-debuginfo-2.2.6-44.3 wireshark-2.2.6-44.3 wireshark-debuginfo-2.2.6-44.3 wireshark-debugsource-2.2.6-44.3 wireshark-gtk-2.2.6-44.3 wireshark-gtk-debuginfo-2.2.6-44.3 References: https://www.suse.com/security/cve/CVE-2016-6354.html https://www.suse.com/security/cve/CVE-2016-7175.html https://www.suse.com/security/cve/CVE-2016-7176.html https://www.suse.com/security/cve/CVE-2016-7177.html https://www.suse.com/security/cve/CVE-2016-7178.html https://www.suse.com/security/cve/CVE-2016-7179.html https://www.suse.com/security/cve/CVE-2016-7180.html https://www.suse.com/security/cve/CVE-2016-9373.html https://www.suse.com/security/cve/CVE-2016-9374.html https://www.suse.com/security/cve/CVE-2016-9375.html https://www.suse.com/security/cve/CVE-2016-9376.html https://www.suse.com/security/cve/CVE-2017-5596.html https://www.suse.com/security/cve/CVE-2017-5597.html https://www.suse.com/security/cve/CVE-2017-6014.html https://www.suse.com/security/cve/CVE-2017-7700.html https://www.suse.com/security/cve/CVE-2017-7701.html https://www.suse.com/security/cve/CVE-2017-7702.html https://www.suse.com/security/cve/CVE-2017-7703.html https://www.suse.com/security/cve/CVE-2017-7704.html https://www.suse.com/security/cve/CVE-2017-7705.html https://www.suse.com/security/cve/CVE-2017-7745.html https://www.suse.com/security/cve/CVE-2017-7746.html https://www.suse.com/security/cve/CVE-2017-7747.html https://www.suse.com/security/cve/CVE-2017-7748.html https://bugzilla.suse.com/1002981 https://bugzilla.suse.com/1010735 https://bugzilla.suse.com/1010740 https://bugzilla.suse.com/1010752 https://bugzilla.suse.com/1010754 https://bugzilla.suse.com/1010911 https://bugzilla.suse.com/1021739 https://bugzilla.suse.com/1025913 https://bugzilla.suse.com/1026507 https://bugzilla.suse.com/1027692 https://bugzilla.suse.com/1027998 https://bugzilla.suse.com/1033936 https://bugzilla.suse.com/1033937 https://bugzilla.suse.com/1033938 https://bugzilla.suse.com/1033939 https://bugzilla.suse.com/1033940 https://bugzilla.suse.com/1033941 https://bugzilla.suse.com/1033942 https://bugzilla.suse.com/1033943 https://bugzilla.suse.com/1033944 https://bugzilla.suse.com/1033945 https://bugzilla.suse.com/990856 https://bugzilla.suse.com/998761 https://bugzilla.suse.com/998762 https://bugzilla.suse.com/998763 https://bugzilla.suse.com/998800 https://bugzilla.suse.com/998963 https://bugzilla.suse.com/998964 From sle-security-updates at lists.suse.com Tue May 30 10:14:20 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 30 May 2017 18:14:20 +0200 (CEST) Subject: SUSE-SU-2017:1443-1: important: Security update for several openstack-components Message-ID: <20170530161420.500F6101CB@maintenance.suse.de> SUSE Security Update: Security update for several openstack-components ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1443-1 Rating: important References: #1024328 #1030406 #1032322 Cross-References: CVE-2017-7214 CVE-2017-7400 Affected Products: SUSE OpenStack Cloud 7 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for openstack-ceilometer, -cinder, -dashboard, -glance, -heat, -keystone, -manila, -magnum and -novaopenstack-keystone provides the latest code from OpenStack Newton. - nova: Add release note that legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens. (bsc#1030406, CVE-2017-7214) - nova: Remove PrivTmp from openstack-nova-compute service. (bsc#1024328) - dashboard: Remove dangerous safestring declaration. (bsc#1032322, CVE-2017-7400) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2017-882=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 7 (noarch): openstack-ceilometer-7.0.4~a0~dev7-3.1 openstack-ceilometer-agent-central-7.0.4~a0~dev7-3.1 openstack-ceilometer-agent-compute-7.0.4~a0~dev7-3.1 openstack-ceilometer-agent-ipmi-7.0.4~a0~dev7-3.1 openstack-ceilometer-agent-notification-7.0.4~a0~dev7-3.1 openstack-ceilometer-api-7.0.4~a0~dev7-3.1 openstack-ceilometer-collector-7.0.4~a0~dev7-3.1 openstack-ceilometer-doc-7.0.4~a0~dev7-3.2 openstack-ceilometer-polling-7.0.4~a0~dev7-3.1 openstack-cinder-9.1.5~a0~dev1-3.1 openstack-cinder-api-9.1.5~a0~dev1-3.1 openstack-cinder-backup-9.1.5~a0~dev1-3.1 openstack-cinder-doc-9.1.5~a0~dev1-3.1 openstack-cinder-scheduler-9.1.5~a0~dev1-3.1 openstack-cinder-volume-9.1.5~a0~dev1-3.1 openstack-dashboard-10.0.4~a0~dev2-3.1 openstack-glance-13.0.1~a0~dev6-3.1 openstack-glance-api-13.0.1~a0~dev6-3.1 openstack-glance-doc-13.0.1~a0~dev6-3.3 openstack-glance-glare-13.0.1~a0~dev6-3.1 openstack-glance-registry-13.0.1~a0~dev6-3.1 openstack-heat-7.0.4~a0~dev4-4.1 openstack-heat-api-7.0.4~a0~dev4-4.1 openstack-heat-api-cfn-7.0.4~a0~dev4-4.1 openstack-heat-api-cloudwatch-7.0.4~a0~dev4-4.1 openstack-heat-doc-7.0.4~a0~dev4-4.2 openstack-heat-engine-7.0.4~a0~dev4-4.1 openstack-heat-plugin-heat_docker-7.0.4~a0~dev4-4.1 openstack-heat-test-7.0.4~a0~dev4-4.1 openstack-keystone-10.0.2~a0~dev2-6.1 openstack-keystone-doc-10.0.2~a0~dev2-6.2 openstack-magnum-3.1.2~a0~dev22-13.1 openstack-magnum-api-3.1.2~a0~dev22-13.1 openstack-magnum-conductor-3.1.2~a0~dev22-13.1 openstack-magnum-doc-3.1.2~a0~dev22-13.1 openstack-manila-3.0.1~a0~dev27-3.1 openstack-manila-api-3.0.1~a0~dev27-3.1 openstack-manila-data-3.0.1~a0~dev27-3.1 openstack-manila-doc-3.0.1~a0~dev27-3.1 openstack-manila-scheduler-3.0.1~a0~dev27-3.1 openstack-manila-share-3.0.1~a0~dev27-3.1 openstack-nova-14.0.6~a0~dev16-3.1 openstack-nova-api-14.0.6~a0~dev16-3.1 openstack-nova-cells-14.0.6~a0~dev16-3.1 openstack-nova-cert-14.0.6~a0~dev16-3.1 openstack-nova-compute-14.0.6~a0~dev16-3.1 openstack-nova-conductor-14.0.6~a0~dev16-3.1 openstack-nova-console-14.0.6~a0~dev16-3.1 openstack-nova-consoleauth-14.0.6~a0~dev16-3.1 openstack-nova-doc-14.0.6~a0~dev16-3.3 openstack-nova-novncproxy-14.0.6~a0~dev16-3.1 openstack-nova-placement-api-14.0.6~a0~dev16-3.1 openstack-nova-scheduler-14.0.6~a0~dev16-3.1 openstack-nova-serialproxy-14.0.6~a0~dev16-3.1 openstack-nova-vncproxy-14.0.6~a0~dev16-3.1 python-ceilometer-7.0.4~a0~dev7-3.1 python-cinder-9.1.5~a0~dev1-3.1 python-glance-13.0.1~a0~dev6-3.1 python-heat-7.0.4~a0~dev4-4.1 python-horizon-10.0.4~a0~dev2-3.1 python-keystone-10.0.2~a0~dev2-6.1 python-magnum-3.1.2~a0~dev22-13.1 python-manila-3.0.1~a0~dev27-3.1 python-nova-14.0.6~a0~dev16-3.1 References: https://www.suse.com/security/cve/CVE-2017-7214.html https://www.suse.com/security/cve/CVE-2017-7400.html https://bugzilla.suse.com/1024328 https://bugzilla.suse.com/1030406 https://bugzilla.suse.com/1032322 From sle-security-updates at lists.suse.com Tue May 30 10:14:59 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 30 May 2017 18:14:59 +0200 (CEST) Subject: SUSE-SU-2017:1444-1: important: Security update for java-1_6_0-ibm Message-ID: <20170530161459.98F93101C8@maintenance.suse.de> SUSE Security Update: Security update for java-1_6_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1444-1 Rating: important References: #1027038 #1038505 Cross-References: CVE-2016-2183 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-3509 CVE-2017-3514 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 Affected Products: SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: This update for java-1_6_0-ibm fixes the following issues: - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number - CVE-2016-9843: zlib: Big-endian out-of-bounds pointer - CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data - CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections - CVE-2017-3539: OpenJDK: MD5 allowed for jar verification - CVE-2017-3533: OpenJDK: newline injection in the FTP client - CVE-2017-3544: OpenJDK: newline injection in the SMTP client - Version update to 6.0-16.40 bsc#1027038 CVE-2016-2183 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-java-1_6_0-ibm-13130=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-java-1_6_0-ibm-13130=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.45-84.1 java-1_6_0-ibm-devel-1.6.0_sr16.45-84.1 java-1_6_0-ibm-fonts-1.6.0_sr16.45-84.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.45-84.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.45-84.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.45-84.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): java-1_6_0-ibm-1.6.0_sr16.45-84.1 java-1_6_0-ibm-alsa-1.6.0_sr16.45-84.1 java-1_6_0-ibm-devel-1.6.0_sr16.45-84.1 java-1_6_0-ibm-fonts-1.6.0_sr16.45-84.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.45-84.1 java-1_6_0-ibm-plugin-1.6.0_sr16.45-84.1 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1289.html https://www.suse.com/security/cve/CVE-2017-3509.html https://www.suse.com/security/cve/CVE-2017-3514.html https://www.suse.com/security/cve/CVE-2017-3533.html https://www.suse.com/security/cve/CVE-2017-3539.html https://www.suse.com/security/cve/CVE-2017-3544.html https://bugzilla.suse.com/1027038 https://bugzilla.suse.com/1038505 From sle-security-updates at lists.suse.com Tue May 30 10:15:31 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 30 May 2017 18:15:31 +0200 (CEST) Subject: SUSE-SU-2017:1445-1: important: Security update for java-1_8_0-openjdk Message-ID: <20170530161531.BF2FA101C8@maintenance.suse.de> SUSE Security Update: Security update for java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1445-1 Rating: important References: #1034849 Cross-References: CVE-2017-3509 CVE-2017-3511 CVE-2017-3512 CVE-2017-3514 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for java-1_8_0-openjdk fixes the following issues: - Upgrade to version jdk8u131 (icedtea 3.4.0) - bsc#1034849 * Security fixes - S8163520, CVE-2017-3509: Reuse cache entries - S8163528, CVE-2017-3511: Better library loading - S8165626, CVE-2017-3512: Improved window framing - S8167110, CVE-2017-3514: Windows peering issue - S8168699: Validate special case invocations - S8169011, CVE-2017-3526: Resizing XML parse trees - S8170222, CVE-2017-3533: Better transfers of files - S8171121, CVE-2017-3539: Enhancing jar checking - S8171533, CVE-2017-3544: Better email transfer - S8172299: Improve class processing * New features - PR1969: Add AArch32 JIT port - PR3297: Allow Shenandoah to be used on AArch64 - PR3340: jstack.stp should support AArch64 * Import of OpenJDK 8 u131 build 11 - S6474807: (smartcardio) CardTerminal.connect() throws CardException instead of CardNotPresentException - S6515172, PR3346: Runtime.availableProcessors() ignores Linux taskset command - S7155957: closed/java/awt/MenuBar/MenuBarStress1/MenuBarStress1.java hangs on win 64 bit with jdk8 - S7167293: FtpURLConnection connection leak on FileNotFoundException - S8035568: [macosx] Cursor management unification - S8079595: Resizing dialog which is JWindow parent makes JVM crash - S8130769: The new menu can't be shown on the menubar after clicking the "Add" button. - S8146602: jdk/test/sun/misc/URLClassPath/ClassnameCharTest.java test fails with NullPointerException - S8147842: IME Composition Window is displayed at incorrect location - S8147910, PR3346: Cache initial active_processor_count - S8150490: Update OS detection code to recognize Windows Server 2016 - S8160951: [TEST_BUG] javax/xml/bind/marshal/8134111/UnmarshalTest.java should be added into :needs_jre group - S8160958: [TEST_BUG] java/net/SetFactoryPermission/SetFactoryPermission.java should be added into :needs_compact2 group - S8161147: jvm crashes when -XX:+UseCountedLoopSafepoints is enabled - S8161195: Regression: closed/javax/swing/text/FlowView/LayoutTest.java - S8161993, PR3346: G1 crashes if active_processor_count changes during startup - S8162876: [TEST_BUG] sun/net/www/protocol/http/HttpInputStream.java fails intermittently - S8162916: Test sun/security/krb5/auto/UnboundSSL.java fails - S8164533: sun/security/ssl/SSLSocketImpl/CloseSocket.java failed with "Error while cleaning up threads after test" - S8167179: Make XSL generated namespace prefixes local to transformation process - S8168774: Polymorhic signature method check crashes javac - S8169465: Deadlock in com.sun.jndi.ldap.pool.Connections - S8169589: [macosx] Activating a JDialog puts to back another dialog - S8170307: Stack size option -Xss is ignored - S8170316: (tz) Support tzdata2016j - S8170814: Reuse cache entries (part II) - S8170888, PR3314, RH1284948: [linux] Experimental support for cgroup memory limits in container (ie Docker) environments - S8171388: Update JNDI Thread contexts - S8171949: [macosx] AWT_ZoomFrame Automated tests fail with error: The bitwise mask Frame.ICONIFIED is not setwhen the frame is in ICONIFIED state - S8171952: [macosx] AWT_Modality/Automated/ModalExclusion/NoExclusion/ModelessDialog test fails as DummyButton on Dialog did not gain focus when clicked. - S8173030: Temporary backout fix #8035568 from 8u131-b03 - S8173031: Temporary backout fix #8171952 from 8u131-b03 - S8173783, PR3328: IllegalArgumentException: jdk.tls.namedGroups - S8173931: 8u131 L10n resource file update - S8174844: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle - S8174985: NTLM authentication doesn't work with IIS if NTLM cache is disabled - S8176044: (tz) Support tzdata2017a * Backports - S6457406, PR3335: javadoc doesn't handle properly in producing index pages - S8030245, PR3335: Update langtools to use try-with-resources and multi-catch - S8030253, PR3335: Update langtools to use strings-in-switch - S8030262, PR3335: Update langtools to use foreach loops - S8031113, PR3337: TEST_BUG: java/nio/channels/AsynchronousChannelGroup/Basic.java fails intermittently - S8031625, PR3335: javadoc problems referencing inner class constructors - S8031649, PR3335: Clean up javadoc tests - S8031670, PR3335: Remove unneeded -source options in javadoc tests - S8032066, PR3335: Serialized form has broken links to non private inner classes of package private - S8034174, PR2290: Remove use of JVM_* functions from java.net code - S8034182, PR2290: Misc. warnings in java.net code - S8035876, PR2290: AIX build issues after '8034174: Remove use of JVM_* functions from java.net code' - S8038730, PR3335: Clean up the way JavadocTester is invoked, and checks for errors. - S8040903, PR3335: Clean up use of BUG_ID in javadoc tests - S8040904, PR3335: Ensure javadoc tests do not overwrite results within tests - S8040908, PR3335: javadoc test TestDocEncoding should use -notimestamp - S8041150, PR3335: Avoid silly use of static methods in JavadocTester - S8041253, PR3335: Avoid redundant synonyms of NO_TEST - S8043780, PR3368: Use open(O_CLOEXEC) instead of fcntl(FD_CLOEXEC) - S8061305, PR3335: Javadoc crashes when method name ends with "Property" - S8072452, PR3337: Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits - S8075565, PR3337: Define @intermittent jtreg keyword and mark intermittently failing jdk tests - S8075670, PR3337: Remove intermittent keyword from some tests - S8078334, PR3337: Mark regression tests using randomness - S8078880, PR3337: Mark a few more intermittently failuring security-libs - S8133318, PR3337: Exclude intermittent failing PKCS11 tests on Solaris SPARC 11.1 and earlier - S8144539, PR3337: Update PKCS11 tests to run with security manager - S8144566, PR3352: Custom HostnameVerifier disables SNI extension - S8153711, PR3313, RH1284948: [REDO] JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command - S8155049, PR3352: New tests from 8144566 fail with "No expected Server Name Indication" - S8173941, PR3326: SA does not work if executable is DSO - S8174164, PR3334, RH1417266: SafePointNode::_replaced_nodes breaks with irreducible loops - S8174729, PR3336, RH1420518: Race Condition in java.lang.reflect.WeakCache - S8175097, PR3334, RH1417266: [TESTBUG] 8174164 fix missed the test * Bug fixes - PR3348: Architectures unsupported by SystemTap tapsets throw a parse error - PR3378: Perl should be mandatory - PR3389: javac.in and javah.in should use @PERL@ rather than a hardcoded path * AArch64 port - S8168699, PR3372: Validate special case invocations [AArch64 support] - S8170100, PR3372: AArch64: Crash in C1-compiled code accessing References - S8172881, PR3372: AArch64: assertion failure: the int pressure is incorrect - S8173472, PR3372: AArch64: C1 comparisons with null only use 32-bit instructions - S8177661, PR3372: Correct ad rule output register types from iRegX to iRegXNoSp * AArch32 port - PR3380: Zero should not be enabled by default on arm with the AArch32 HotSpot build - PR3384, S8139303, S8167584: Add support for AArch32 architecture to configure and jdk makefiles - PR3385: aarch32 does not support -Xshare:dump - PR3386, S8164652: AArch32 jvm.cfg wrong for C1 build - PR3387: Installation fails on arm with AArch32 port as INSTALL_ARCH_DIR is arm, not aarch32 - PR3388: Wrong path for jvm.cfg being used on arm with AArch32 build * Shenandoah - Fix Shenandoah argument checking on 32bit builds. - Import from Shenandoah tag aarch64-shenandoah-jdk8u101-b14-shenandoah-merge-2016-07-25 - Import from Shenandoah tag aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-02-20 - Import from Shenandoah tag aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-03-06 - Import from Shenandoah tag aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-03-09 - Import from Shenandoah tag aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-03-23 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-879=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-879=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-879=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): java-1_8_0-openjdk-1.8.0.131-26.3 java-1_8_0-openjdk-debuginfo-1.8.0.131-26.3 java-1_8_0-openjdk-debugsource-1.8.0.131-26.3 java-1_8_0-openjdk-demo-1.8.0.131-26.3 java-1_8_0-openjdk-demo-debuginfo-1.8.0.131-26.3 java-1_8_0-openjdk-devel-1.8.0.131-26.3 java-1_8_0-openjdk-devel-debuginfo-1.8.0.131-26.3 java-1_8_0-openjdk-headless-1.8.0.131-26.3 java-1_8_0-openjdk-headless-debuginfo-1.8.0.131-26.3 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): java-1_8_0-openjdk-1.8.0.131-26.3 java-1_8_0-openjdk-debuginfo-1.8.0.131-26.3 java-1_8_0-openjdk-debugsource-1.8.0.131-26.3 java-1_8_0-openjdk-demo-1.8.0.131-26.3 java-1_8_0-openjdk-demo-debuginfo-1.8.0.131-26.3 java-1_8_0-openjdk-devel-1.8.0.131-26.3 java-1_8_0-openjdk-devel-debuginfo-1.8.0.131-26.3 java-1_8_0-openjdk-headless-1.8.0.131-26.3 java-1_8_0-openjdk-headless-debuginfo-1.8.0.131-26.3 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): java-1_8_0-openjdk-1.8.0.131-26.3 java-1_8_0-openjdk-debuginfo-1.8.0.131-26.3 java-1_8_0-openjdk-debugsource-1.8.0.131-26.3 java-1_8_0-openjdk-headless-1.8.0.131-26.3 java-1_8_0-openjdk-headless-debuginfo-1.8.0.131-26.3 References: https://www.suse.com/security/cve/CVE-2017-3509.html https://www.suse.com/security/cve/CVE-2017-3511.html https://www.suse.com/security/cve/CVE-2017-3512.html https://www.suse.com/security/cve/CVE-2017-3514.html https://www.suse.com/security/cve/CVE-2017-3526.html https://www.suse.com/security/cve/CVE-2017-3533.html https://www.suse.com/security/cve/CVE-2017-3539.html https://www.suse.com/security/cve/CVE-2017-3544.html https://bugzilla.suse.com/1034849 From sle-security-updates at lists.suse.com Tue May 30 13:08:58 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 30 May 2017 21:08:58 +0200 (CEST) Subject: SUSE-SU-2017:1446-1: important: Security update for sudo Message-ID: <20170530190858.6677D101CB@maintenance.suse.de> SUSE Security Update: Security update for sudo ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1446-1 Rating: important References: #1015351 #1024145 #1039361 #981124 Cross-References: CVE-2017-1000367 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: This update for sudo fixes the following issues: CVE-2017-1000367: - Due to incorrect assumptions in /proc/[pid]/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. [bsc#1039361] - Fix FQDN for hostname. [bsc#1024145] - Filter netgroups, they aren't handled by SSSD. [bsc#1015351] - Fix problems related to "krb5_ccname" option [bsc#981124] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-888=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-888=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-888=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-888=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-888=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): sudo-debuginfo-1.8.10p3-2.11.1 sudo-debugsource-1.8.10p3-2.11.1 sudo-devel-1.8.10p3-2.11.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): sudo-1.8.10p3-2.11.1 sudo-debuginfo-1.8.10p3-2.11.1 sudo-debugsource-1.8.10p3-2.11.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): sudo-1.8.10p3-2.11.1 sudo-debuginfo-1.8.10p3-2.11.1 sudo-debugsource-1.8.10p3-2.11.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): sudo-1.8.10p3-2.11.1 sudo-debuginfo-1.8.10p3-2.11.1 sudo-debugsource-1.8.10p3-2.11.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): sudo-1.8.10p3-2.11.1 sudo-debuginfo-1.8.10p3-2.11.1 sudo-debugsource-1.8.10p3-2.11.1 References: https://www.suse.com/security/cve/CVE-2017-1000367.html https://bugzilla.suse.com/1015351 https://bugzilla.suse.com/1024145 https://bugzilla.suse.com/1039361 https://bugzilla.suse.com/981124 From sle-security-updates at lists.suse.com Tue May 30 13:11:15 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 30 May 2017 21:11:15 +0200 (CEST) Subject: SUSE-SU-2017:1450-1: important: Security update for sudo Message-ID: <20170530191115.44B12101C8@maintenance.suse.de> SUSE Security Update: Security update for sudo ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1450-1 Rating: important References: #1015351 #1024145 #1039361 #981124 Cross-References: CVE-2017-1000367 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: This update for sudo fixes the following issues: CVE-2017-1000367: - Due to incorrect assumptions in /proc/[pid]/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. [bsc#1039361] - Fix FQDN for hostname. [bsc#1024145] - Filter netgroups, they aren't handled by SSSD. [bsc#1015351] - Fix problems related to "krb5_ccname" option [bsc#981124] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-889=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-889=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-889=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-889=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-889=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): sudo-debuginfo-1.8.10p3-10.5.1 sudo-debugsource-1.8.10p3-10.5.1 sudo-devel-1.8.10p3-10.5.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): sudo-1.8.10p3-10.5.1 sudo-debuginfo-1.8.10p3-10.5.1 sudo-debugsource-1.8.10p3-10.5.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): sudo-1.8.10p3-10.5.1 sudo-debuginfo-1.8.10p3-10.5.1 sudo-debugsource-1.8.10p3-10.5.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): sudo-1.8.10p3-10.5.1 sudo-debuginfo-1.8.10p3-10.5.1 sudo-debugsource-1.8.10p3-10.5.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): sudo-1.8.10p3-10.5.1 sudo-debuginfo-1.8.10p3-10.5.1 sudo-debugsource-1.8.10p3-10.5.1 References: https://www.suse.com/security/cve/CVE-2017-1000367.html https://bugzilla.suse.com/1015351 https://bugzilla.suse.com/1024145 https://bugzilla.suse.com/1039361 https://bugzilla.suse.com/981124 From sle-security-updates at lists.suse.com Tue May 30 19:08:51 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 31 May 2017 03:08:51 +0200 (CEST) Subject: SUSE-SU-2017:1454-1: moderate: Security update for libxml2 Message-ID: <20170531010851.6C91F101CB@maintenance.suse.de> SUSE Security Update: Security update for libxml2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1454-1 Rating: moderate References: #1039063 #1039064 #1039066 #1039069 #1039661 #981114 Cross-References: CVE-2016-1839 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has one errata is now available. Description: This update for libxml2 fixes the following issues: - CVE-2017-9047, CVE-2017-9048: The function xmlSnprintfElementContent in valid.c was vulnerable to a stack buffer overflow (bsc#1039063, bsc#1039064) - CVE-2017-9049: The function xmlDictComputeFastKey in dict.c was vulnerable to a heap-based buffer over-read. (bsc#1039066) - CVE-2017-9050: The function xmlDictAddString was vulnerable to a heap-based buffer over-read (bsc#1039661) - CVE-2016-1839: heap-based buffer overflow (xmlDictAddString func) (bnc#1039069) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-891=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-891=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-891=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-891=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-891=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libxml2-debugsource-2.9.4-36.1 libxml2-devel-2.9.4-36.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libxml2-2-2.9.4-36.1 libxml2-2-debuginfo-2.9.4-36.1 libxml2-debugsource-2.9.4-36.1 libxml2-tools-2.9.4-36.1 libxml2-tools-debuginfo-2.9.4-36.1 python-libxml2-2.9.4-36.1 python-libxml2-debuginfo-2.9.4-36.1 python-libxml2-debugsource-2.9.4-36.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): libxml2-doc-2.9.4-36.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libxml2-2-2.9.4-36.1 libxml2-2-debuginfo-2.9.4-36.1 libxml2-debugsource-2.9.4-36.1 libxml2-tools-2.9.4-36.1 libxml2-tools-debuginfo-2.9.4-36.1 python-libxml2-2.9.4-36.1 python-libxml2-debuginfo-2.9.4-36.1 python-libxml2-debugsource-2.9.4-36.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): libxml2-doc-2.9.4-36.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libxml2-2-32bit-2.9.4-36.1 libxml2-2-debuginfo-32bit-2.9.4-36.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libxml2-2-2.9.4-36.1 libxml2-2-32bit-2.9.4-36.1 libxml2-2-debuginfo-2.9.4-36.1 libxml2-2-debuginfo-32bit-2.9.4-36.1 libxml2-debugsource-2.9.4-36.1 libxml2-tools-2.9.4-36.1 libxml2-tools-debuginfo-2.9.4-36.1 python-libxml2-2.9.4-36.1 python-libxml2-debuginfo-2.9.4-36.1 python-libxml2-debugsource-2.9.4-36.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): libxml2-2-2.9.4-36.1 libxml2-2-debuginfo-2.9.4-36.1 libxml2-debugsource-2.9.4-36.1 References: https://www.suse.com/security/cve/CVE-2016-1839.html https://www.suse.com/security/cve/CVE-2017-9047.html https://www.suse.com/security/cve/CVE-2017-9048.html https://www.suse.com/security/cve/CVE-2017-9049.html https://www.suse.com/security/cve/CVE-2017-9050.html https://bugzilla.suse.com/1039063 https://bugzilla.suse.com/1039064 https://bugzilla.suse.com/1039066 https://bugzilla.suse.com/1039069 https://bugzilla.suse.com/1039661 https://bugzilla.suse.com/981114 From sle-security-updates at lists.suse.com Wed May 31 13:10:59 2017 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 31 May 2017 21:10:59 +0200 (CEST) Subject: SUSE-SU-2017:1468-1: important: Security update for libtirpc, rpcbind Message-ID: <20170531191059.946EC101CB@maintenance.suse.de> SUSE Security Update: Security update for libtirpc, rpcbind ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1468-1 Rating: important References: #1037559 Cross-References: CVE-2017-8779 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libtirpc and rpcbind fixes the following issues: - CVE-2017-8779: A crafted UDP package could lead rpcbind to remote denial-of-service. (bsc#1037559) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libtirpc-13135=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libtirpc-13135=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-libtirpc-13135=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-libtirpc-13135=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libtirpc-13135=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-libtirpc-13135=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libtirpc-devel-0.2.1-1.12.3 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libtirpc1-0.2.1-1.12.3 rpcbind-0.1.6+git20080930-6.27.2 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): libtirpc1-0.2.1-1.12.3 rpcbind-0.1.6+git20080930-6.27.2 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): libtirpc1-0.2.1-1.12.3 rpcbind-0.1.6+git20080930-6.27.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libtirpc-debuginfo-0.2.1-1.12.3 libtirpc-debugsource-0.2.1-1.12.3 rpcbind-debuginfo-0.1.6+git20080930-6.27.2 rpcbind-debugsource-0.1.6+git20080930-6.27.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): libtirpc-debuginfo-0.2.1-1.12.3 libtirpc-debugsource-0.2.1-1.12.3 rpcbind-debuginfo-0.1.6+git20080930-6.27.2 rpcbind-debugsource-0.1.6+git20080930-6.27.2 References: https://www.suse.com/security/cve/CVE-2017-8779.html https://bugzilla.suse.com/1037559