SUSE-CU-2019:721-1: Security update of caasp/v4/nginx-ingress-controller

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Jan 16 09:58:53 MST 2020


SUSE Container Update Advisory: caasp/v4/nginx-ingress-controller
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2019:721-1
Container Tags        : caasp/v4/nginx-ingress-controller:0.15.0 , caasp/v4/nginx-ingress-controller:0.15.0-rev1 , caasp/v4/nginx-ingress-controller:0.15.0-rev1-build1.2
Severity              : important
Type                  : security
References            : 1000396 1000662 1000677 1001299 1001790 1001900 1001912 1002975
                        1002991 1002991 1002991 1002995 1002995 1002998 1002998 1003000
                        1003000 1003002 1003002 1003012 1003012 1003017 1003017 1003023
                        1003023 1003577 1003579 1003580 1003714 1003978 1004094 1004289
                        1004924 1004995 1004995 1004995 1005023 1005063 1005274 1005404
                        1005544 1005591 1005633 1005634 1005635 1005637 1005638 1005640
                        1005642 1005643 1005645 1005646 1006175 1006372 1006469 1006687
                        1006690 1007276 1007280 1007851 1008325 1009269 1009470 1009528
                        1009532 1009745 1009905 1009966 1010161 1010163 1010220 1010675
                        1010845 1010880 1011103 1011107 1012266 1012390 1012523 1012591
                        1012818 1012973 1013286 1013882 1013930 1013989 1014471 1014560
                        1014566 1014873 1015187 1015254 1015332 1015515 1015565 1015943
                        1017034 1017497 1017646 1017690 1017693 1018214 1018399 1019276
                        1019470 1019611 1019637 1019637 1019900 1020108 1020143 1020601
                        1021315 1021641 1022014 1022047 1022085 1022086 1022103 1022263
                        1022264 1022265 1022271 1022283 1022284 1022553 1023283 1023895
                        1024989 1025176 1025398 1025560 1025598 1025630 1025886 1026224
                        1026567 1026825 1027079 1027379 1027688 1027712 1027908 1027925
                        1028103 1028263 1028281 1028304 1028304 1028305 1028410 1028485
                        1028610 1028723 1029102 1029102 1029183 1029516 1029516 1029523
                        1029561 1029691 1029725 1029900 1030290 1030621 1031247 1031249
                        1031250 1031254 1031255 1031262 1031263 1031355 1031643 1031702
                        1031998 1032029 1032029 1032309 1032445 1032538 1032660 1032680
                        1033109 1033111 1033112 1033113 1033118 1033120 1033126 1033127
                        1033128 1033129 1033131 1033238 1033238 1033855 1034563 1034565
                        1035062 1035371 1035386 1035445 1035807 1035818 1035905 1036304
                        1036457 1036659 1036736 1036873 1036873 1037120 1037120 1037396
                        1037824 1037930 1038189 1038194 1038438 1038444 1038506 1038865
                        1038865 1038984 1038984 1039063 1039063 1039064 1039064 1039066
                        1039066 1039069 1039069 1039099 1039099 1039276 1039357 1039661
                        1039661 1039941 1040043 1040153 1040153 1040258 1040258 1040614
                        1040614 1040800 1040942 1040942 1040968 1040968 1040968 1041764
                        1042326 1042392 1042781 1042804 1042805 1043059 1043218 1043237
                        1043333 1043333 1043580 1043615 1043758 1043758 1043886 1043900
                        1043900 1044095 1044107 1044175 1044337 1044840 1044887 1044894
                        1045092 1045290 1045290 1045384 1045472 1045628 1045735 1045735
                        1045735 1045943 1045987 1046077 1046173 1046173 1046268 1046417
                        1046607 1046659 1046750 1046750 1046853 1046853 1046858 1046858
                        1047008 1047178 1047233 1047236 1047240 1047247 1047379 1047785
                        1047785 1047937 1047964 1047965 1048315 1048510 1048605 1048605
                        1048645 1048679 1049344 1049825 1050152 1050467 1050767 1050943
                        1051042 1051465 1051626 1051643 1051644 1051791 1052261 1053137
                        1053188 1053409 1053595 1053671 1054028 1054088 1054171 1054594
                        1054671 1055446 1055641 1055825 1055920 1056058 1056126 1056127
                        1056127 1056128 1056128 1056129 1056129 1056131 1056131 1056132
                        1056132 1056136 1056136 1056437 1056449 1056450 1056993 1056995
                        1057150 1057188 1057452 1057634 1057640 1057662 1057721 1057724
                        1057900 1057974 1058695 1058722 1058783 1059065 1059723 1060653
                        1060738 1061384 1061667 1061876 1062303 1062561 1062591 1062592
                        1062937 1063051 1063249 1063269 1063675 1063824 1063910 1064397
                        1064455 1064455 1064455 1064569 1064580 1064583 1064999 1065083
                        1065274 1065276 1065363 1065448 1065448 1066156 1066242 1066422
                        1066500 1067312 1067605 1067891 1068251 1068565 1068565 1068588
                        1068708 1068967 1069213 1069222 1069226 1069468 1069934 1070209
                        1070428 1070431 1070431 1070851 1070878 1070905 1070958 1071224
                        1071311 1071319 1071321 1071466 1071558 1071568 1071698 1071905
                        1071906 1072947 1072947 1073231 1073313 1073879 1073990 1074186
                        1074254 1074293 1074293 1074317 1074318 1074621 1074687 1075449
                        1075724 1075743 1075801 1075804 1075978 1075992 1076192 1076308
                        1076391 1076415 1076696 1076810 1076832 1076909 1077001 1077635
                        1077692 1077787 1077787 1077925 1077993 1078358 1078662 1078662
                        1078806 1078813 1079036 1079334 1079600 1079991 1080078 1080382
                        1080740 1080740 1081170 1081294 1081556 1081690 1081725 1082004
                        1082216 1082216 1082216 1082233 1082233 1082233 1082234 1082234
                        1082234 1082318 1082332 1082485 1082485 1082825 1083158 1083290
                        1083926 1083927 1083946 1084300 1084300 1084521 1084524 1084532
                        1084626 1084812 1084812 1084842 1085062 1085432 1086247 1086408
                        1086602 1086690 1086785 1086825 1087102 1087323 1087550 1087550
                        1087930 1088052 1088279 1088601 1088705 1088769 1088890 1088921
                        1089039 1089533 1089640 1089761 1089761 1089884 1090765 1090766
                        1090766 1090766 1090785 1090944 1091265 1091624 1091677 1092098
                        1092100 1092100 1092413 1092480 1092640 1092640 1092949 1093753
                        1093851 1094121 1094150 1094154 1094161 1094222 1094327 1095096
                        1095148 1096282 1096282 1096282 1096718 1096718 1096745 1096803
                        1097158 1097410 1097410 1097410 1097624 1097665 1098592 1099257
                        1099310 1099310 1099310 1099452 1099847 1099982 1100028 1101040
                        1101246 1101349 1101470 1101591 1102046 1102062 1102068 1102073
                        1102429 1102564 1103910 1104789 1105031 1105166 1105236 1105434
                        1106019 1106197 1106391 1106853 1106914 1106923 1107430 1107640
                        1107941 1108627 1108637 1108835 1109197 1109252 1109877 1110358
                        1110445 1110661 1111251 1111278 1111965 1112024 1112209 1112758
                        1112858 1113083 1113094 1113100 1113117 1113125 1113534 1113632
                        1113652 1113660 1113665 1113672 1113742 1114981 1115518 1115717
                        1115929 1117355 1119971 1120323 1120489 1121450 360993 408814
                        556664 658010 661410 675317 825385 829717 830805 874665 888308
                        889138 889990 892431 894610 896202 896435 897422 898003 899524
                        899871 900275 900276 901202 901845 901924 902364 902367 903543
                        905483 906574 906574 906761 906803 906858 907074 907456 908128
                        908516 909418 910252 910252 910253 910253 911228 911363 911662
                        912076 912229 912715 912922 912929 913209 913650 913651 914890
                        914890 915402 915846 916927 917152 917169 918089 918090 918346
                        919274 920057 920057 920386 921070 922534 923241 923945 924525
                        924687 924960 924960 926412 926826 927556 927607 927608 927746
                        927993 928292 928533 928740 929919 930176 931932 932232 932894
                        933029 933288 933288 933336 933878 933878 934119 934333 934689
                        934920 936050 936227 936227 936676 937823 938343 938657 939392
                        939460 940315 942690 942865 942865 943457 943457 944903 945340
                        945842 945899 952151 952347 952474 953130 953532 953659 953807
                        953831 954002 954661 954980 954980 955382 955753 955770 957566
                        957566 957567 957567 957598 957598 957600 957600 958369 958562
                        959693 960273 960341 960341 960820 960837 960837 961964 962765
                        962983 962996 963290 963448 963942 964063 964225 964468 965322
                        965780 965902 966220 967026 967082 967728 967838 968771 969569
                        969783 970260 970882 971741 971741 972127 972127 972331 973340
                        974449 974449 974614 974618 974621 974691 974840 975069 975070
                        978055 979261 979436 979441 979629 979906 980391 980486 981114
                        981616 982176 982303 982303 983206 983215 983216 983436 983440
                        983754 984368 984808 984813 984815 984831 984837 984842 984906
                        984958 986216 986216 986783 986935 987351 987351 987577 987887
                        988032 988311 989788 989831 990189 990190 990191 990460 990538
                        991389 991390 991391 991436 991443 991622 991710 991746 991901
                        992966 994157 994794 995034 995936 996511 997043 997420 997682
                        998760 998893 998906 999735 999878 CVE-2012-6702 CVE-2013-6435
                        CVE-2014-3591 CVE-2014-3707 CVE-2014-3710 CVE-2014-8116 CVE-2014-8116
                        CVE-2014-8117 CVE-2014-8117 CVE-2014-8118 CVE-2014-8127 CVE-2014-8127
                        CVE-2014-8128 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-8150
                        CVE-2014-8964 CVE-2014-8964 CVE-2014-9087 CVE-2014-9092 CVE-2014-9112
                        CVE-2014-9447 CVE-2014-9495 CVE-2014-9620 CVE-2014-9621 CVE-2014-9653
                        CVE-2014-9655 CVE-2014-9709 CVE-2015-0247 CVE-2015-0837 CVE-2015-0973
                        CVE-2015-1283 CVE-2015-1572 CVE-2015-1606 CVE-2015-1607 CVE-2015-1782
                        CVE-2015-2059 CVE-2015-2325 CVE-2015-2325 CVE-2015-2327 CVE-2015-2327
                        CVE-2015-2328 CVE-2015-2328 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145
                        CVE-2015-3148 CVE-2015-3153 CVE-2015-3210 CVE-2015-3210 CVE-2015-3217
                        CVE-2015-3217 CVE-2015-3238 CVE-2015-5073 CVE-2015-5073 CVE-2015-5276
                        CVE-2015-7511 CVE-2015-7554 CVE-2015-7554 CVE-2015-7995 CVE-2015-8126
                        CVE-2015-8126 CVE-2015-8380 CVE-2015-8380 CVE-2015-8381 CVE-2015-8381
                        CVE-2015-8382 CVE-2015-8382 CVE-2015-8383 CVE-2015-8383 CVE-2015-8384
                        CVE-2015-8384 CVE-2015-8385 CVE-2015-8385 CVE-2015-8386 CVE-2015-8386
                        CVE-2015-8387 CVE-2015-8387 CVE-2015-8388 CVE-2015-8388 CVE-2015-8389
                        CVE-2015-8389 CVE-2015-8390 CVE-2015-8390 CVE-2015-8391 CVE-2015-8391
                        CVE-2015-8392 CVE-2015-8392 CVE-2015-8393 CVE-2015-8393 CVE-2015-8394
                        CVE-2015-8394 CVE-2015-8395 CVE-2015-8395 CVE-2015-8781 CVE-2015-8782
                        CVE-2015-8783 CVE-2015-8853 CVE-2015-8948 CVE-2015-9019 CVE-2016-0634
                        CVE-2016-0718 CVE-2016-0755 CVE-2016-0787 CVE-2016-10087 CVE-2016-10092
                        CVE-2016-10093 CVE-2016-10094 CVE-2016-10095 CVE-2016-10156 CVE-2016-10164
                        CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-10244 CVE-2016-10266
                        CVE-2016-10267 CVE-2016-10268 CVE-2016-10269 CVE-2016-10270 CVE-2016-10271
                        CVE-2016-10272 CVE-2016-10371 CVE-2016-1238 CVE-2016-1283 CVE-2016-1283
                        CVE-2016-1839 CVE-2016-2037 CVE-2016-2381 CVE-2016-3186 CVE-2016-3191
                        CVE-2016-3191 CVE-2016-3622 CVE-2016-3622 CVE-2016-3623 CVE-2016-3632
                        CVE-2016-3658 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-4574
                        CVE-2016-4579 CVE-2016-4658 CVE-2016-4738 CVE-2016-5116 CVE-2016-5131
                        CVE-2016-5300 CVE-2016-5314 CVE-2016-5316 CVE-2016-5317 CVE-2016-5318
                        CVE-2016-5319 CVE-2016-5320 CVE-2016-5321 CVE-2016-5323 CVE-2016-5407
                        CVE-2016-5407 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-5652
                        CVE-2016-5875 CVE-2016-5875 CVE-2016-6128 CVE-2016-6132 CVE-2016-6161
                        CVE-2016-6185 CVE-2016-6207 CVE-2016-6214 CVE-2016-6223 CVE-2016-6252
                        CVE-2016-6252 CVE-2016-6252 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
                        CVE-2016-6313 CVE-2016-6318 CVE-2016-6905 CVE-2016-6906 CVE-2016-6911
                        CVE-2016-6912 CVE-2016-7055 CVE-2016-7141 CVE-2016-7167 CVE-2016-7543
                        CVE-2016-7568 CVE-2016-7942 CVE-2016-7942 CVE-2016-7942 CVE-2016-7944
                        CVE-2016-7944 CVE-2016-7945 CVE-2016-7945 CVE-2016-7946 CVE-2016-7946
                        CVE-2016-7947 CVE-2016-7947 CVE-2016-7948 CVE-2016-7948 CVE-2016-7949
                        CVE-2016-7949 CVE-2016-7950 CVE-2016-7950 CVE-2016-7951 CVE-2016-7951
                        CVE-2016-7952 CVE-2016-7952 CVE-2016-7953 CVE-2016-7953 CVE-2016-8331
                        CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619
                        CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624
                        CVE-2016-8670 CVE-2016-9063 CVE-2016-9273 CVE-2016-9297 CVE-2016-9317
                        CVE-2016-9318 CVE-2016-9401 CVE-2016-9448 CVE-2016-9453 CVE-2016-9586
                        CVE-2016-9597 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
                        CVE-2016-9933 CVE-2017-0663 CVE-2017-1000100 CVE-2017-1000101
                        CVE-2017-1000254 CVE-2017-1000257 CVE-2017-1000366 CVE-2017-1000408
                        CVE-2017-1000409 CVE-2017-10684 CVE-2017-10684 CVE-2017-10685
                        CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-11462 CVE-2017-11613
                        CVE-2017-11613 CVE-2017-12132 CVE-2017-12133 CVE-2017-12424 CVE-2017-12837
                        CVE-2017-12883 CVE-2017-12944 CVE-2017-13194 CVE-2017-13726 CVE-2017-13728
                        CVE-2017-13728 CVE-2017-13729 CVE-2017-13729 CVE-2017-13730 CVE-2017-13730
                        CVE-2017-13731 CVE-2017-13731 CVE-2017-13732 CVE-2017-13732 CVE-2017-13733
                        CVE-2017-13733 CVE-2017-13734 CVE-2017-14062 CVE-2017-15088 CVE-2017-15232
                        CVE-2017-15412 CVE-2017-15670 CVE-2017-15671 CVE-2017-15804 CVE-2017-15908
                        CVE-2017-16232 CVE-2017-16997 CVE-2017-17740 CVE-2017-17942 CVE-2017-17973
                        CVE-2017-18013 CVE-2017-18078 CVE-2017-18258 CVE-2017-18269 CVE-2017-3731
                        CVE-2017-3732 CVE-2017-3735 CVE-2017-3736 CVE-2017-3737 CVE-2017-3738
                        CVE-2017-5029 CVE-2017-5130 CVE-2017-5225 CVE-2017-5969 CVE-2017-6362
                        CVE-2017-6512 CVE-2017-7375 CVE-2017-7376 CVE-2017-7407 CVE-2017-7435
                        CVE-2017-7436 CVE-2017-7436 CVE-2017-7500 CVE-2017-7500 CVE-2017-7501
                        CVE-2017-7501 CVE-2017-7526 CVE-2017-7555 CVE-2017-7592 CVE-2017-7593
                        CVE-2017-7594 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597 CVE-2017-7598
                        CVE-2017-7599 CVE-2017-7600 CVE-2017-7601 CVE-2017-7602 CVE-2017-7864
                        CVE-2017-8105 CVE-2017-8287 CVE-2017-8804 CVE-2017-8816 CVE-2017-8817
                        CVE-2017-8872 CVE-2017-9047 CVE-2017-9047 CVE-2017-9048 CVE-2017-9048
                        CVE-2017-9049 CVE-2017-9049 CVE-2017-9050 CVE-2017-9050 CVE-2017-9217
                        CVE-2017-9217 CVE-2017-9233 CVE-2017-9269 CVE-2017-9269 CVE-2017-9287
                        CVE-2017-9403 CVE-2017-9404 CVE-2017-9445 CVE-2017-9445 CVE-2017-9526
                        CVE-2017-9935 CVE-2017-9935 CVE-2018-0495 CVE-2018-0495 CVE-2018-0495
                        CVE-2018-0732 CVE-2018-0734 CVE-2018-0737 CVE-2018-0739 CVE-2018-1000001
                        CVE-2018-1000001 CVE-2018-1000007 CVE-2018-1000120 CVE-2018-1000121
                        CVE-2018-1000122 CVE-2018-1000222 CVE-2018-1000301 CVE-2018-1049
                        CVE-2018-10779 CVE-2018-10963 CVE-2018-1122 CVE-2018-1122 CVE-2018-1123
                        CVE-2018-1123 CVE-2018-11236 CVE-2018-11237 CVE-2018-1124 CVE-2018-1124
                        CVE-2018-1125 CVE-2018-1125 CVE-2018-1126 CVE-2018-1126 CVE-2018-12015
                        CVE-2018-12015 CVE-2018-12020 CVE-2018-12900 CVE-2018-14404 CVE-2018-14567
                        CVE-2018-14598 CVE-2018-14599 CVE-2018-14600 CVE-2018-14618 CVE-2018-15686
                        CVE-2018-15688 CVE-2018-16335 CVE-2018-16840 CVE-2018-16842 CVE-2018-16864
                        CVE-2018-16865 CVE-2018-16866 CVE-2018-17100 CVE-2018-17101 CVE-2018-17795
                        CVE-2018-18557 CVE-2018-18661 CVE-2018-19210 CVE-2018-19211 CVE-2018-20217
                        CVE-2018-5407 CVE-2018-5711 CVE-2018-5729 CVE-2018-5730 CVE-2018-5784
                        CVE-2018-6003 CVE-2018-6485 CVE-2018-6551 CVE-2018-6797 CVE-2018-6797
                        CVE-2018-6797 CVE-2018-6798 CVE-2018-6798 CVE-2018-6798 CVE-2018-6913
                        CVE-2018-6913 CVE-2018-6913 CVE-2018-7169 CVE-2018-7456 CVE-2018-7685
                        CVE-2018-7738 CVE-2018-7738 CVE-2018-8905 CVE-2018-9251 
-----------------------------------------------------------------

The container caasp/v4/nginx-ingress-controller was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2014:85-1
Released:    Tue Nov  4 16:29:29 2014
Summary:     Recommended update for dirmngr
Type:        recommended
Severity:    moderate
References:  901845
Description:

This update for dirmngr fixes a segmentation fault at start up. (bnc#901845)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2014:66-1
Released:    Thu Nov  6 06:23:15 2014
Summary:     Recommended update for gcc48
Type:        recommended
Severity:    moderate
References:  899871
Description:

This update for gcc48 fixes a performance degradation issue caused by generation of unneeded code whe using option -pg.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2014:97-1
Released:    Fri Nov 28 10:20:32 2014
Summary:     Security update for file
Type:        security
Severity:    moderate
References:  888308,902367,CVE-2014-3710
Description:

file was updated to fix one security issue.

This security issue was fixed:
- Out-of-bounds read in elf note headers (CVE-2014-3710).

This non-security issues was fixed:
- Correctly identify GDBM files created by libgdbm4 (bnc#888308).
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2014:113-1
Released:    Tue Dec  2 18:17:57 2014
Summary:     Security update for cpio
Type:        security
Severity:    moderate
References:  658010,907456,CVE-2014-9112
Description:


This cpio security update fixes the following buffer overflow issue and
two non security issues:

- fix an OOB write with cpio -i (bnc#907456) (CVE-2014-9112)
- prevent cpio from extracting over a symlink (bnc#658010)
- fix a truncation check in mt

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:15-1
Released:    Thu Dec  4 15:24:10 2014
Summary:     Security update for libjpeg-turbo, libjpeg62-turbo
Type:        security
Severity:    moderate
References:  906761,CVE-2014-9092
Description:

libjpeg-turbo, libjpeg62-turbo were updated to fix one security issue.

This security issue was fixed:
- Passing special crafted jpeg file smashes stack (CVE-2014-9092).
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:16-1
Released:    Thu Dec 11 09:25:27 2014
Summary:     Security update for libksba
Type:        security
Severity:    moderate
References:  907074,CVE-2014-9087
Description:

This libksba update fixes the following security issue:

- bnc#907074: buffer overflow in OID processing (CVE-2014-9087)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2014:126-1
Released:    Fri Dec 19 20:16:00 2014
Summary:     Security update for file
Type:        security
Severity:    moderate
References:  910252,910253,CVE-2014-8116,CVE-2014-8117
Description:

This file update fixes the following security issues:

- bsc#910252: multiple denial of service issues (resource consumption)
              (CVE-2014-8116)
- bsc#910253: denial of service issue (resource consumption)
              (CVE-2014-8117)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:29-1
Released:    Mon Jan 12 11:37:43 2015
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  901924,911363,CVE-2014-3707,CVE-2014-8150
Description:


   This update fixes the following security issues   
      - CVE-2014-8150: URL request injection vulnerability  (bnc#911363)
      - CVE-2014-3707: duphandle read out of bounds  (bnc#901924)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:33-1
Released:    Wed Jan 14 10:47:09 2015
Summary:     Security update for libpng16
Type:        security
Severity:    important
References:  912076,912929,CVE-2014-9495,CVE-2015-0973
Description:


  This update fixes the following security issues:

  * CVE-2014-9495: libpng versions heap overflow vulnerability, that under certain circumstances could be exploit. [bnc#912076]

  * CVE-2015-0973: A heap-based overflow was found in the png_combine_row() function of the libpng library, when very large interlaced images were used.[bnc#912929]


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:40-1
Released:    Thu Jan 15 18:35:11 2015
Summary:     Security update for rpm
Type:        security
Severity:    important
References:  892431,906803,908128,911228,CVE-2013-6435,CVE-2014-8118
Description:

This rpm update fixes the following security and non-security issues:

- bnc#908128: Check for bad invalid name sizes (CVE-2014-8118)
- bnc#906803: Create files with mode 0 (CVE-2013-6435)
- bnc#892431: Honor --noglob in install mode 
- bnc#911228: Fix noglob patch, it broke files with space.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2015:64-1
Released:    Thu Jan 15 23:21:45 2015
Summary:     Recommended update for e2fsprogs
Type:        recommended
Severity:    moderate
References:  912229
Description:

This update for e2fsprogs fixes a 'use after free' issue in fsck(8).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:76-1
Released:    Fri Jan 30 15:01:03 2015
Summary:     Security update for elfutils
Type:        security
Severity:    moderate
References:  911662,CVE-2014-9447
Description:

elfutils was updated to fix one security issue.

This security issue was fixed:
- Directory traversal vulnerability in the read_long_names function (CVE-2014-9447).
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2015:55-1
Released:    Tue Feb  3 14:51:17 2015
Summary:     Recommended update for curl
Type:        recommended
Severity:    moderate
References:  913209
Description:


curl was updated to fix problems when operating in FIPS mode.

This patch reenables following methods:
- NTLM authentication (e.g. for proxies) (allowing its usage of MD4 and MD5)
- HTTP Digest authentication (allowing its usage of MD5)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2015:121-1
Released:    Tue Feb  3 16:30:16 2015
Summary:     Recommended update for pam
Type:        recommended
Severity:    low
References:  912922
Description:

This update for pam fixes updating of NIS passwords.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:157-1
Released:    Tue Mar 10 09:01:41 2015
Summary:     Security update for libssh2_org
Type:        security
Severity:    moderate
References:  921070,CVE-2015-1782
Description:


The ssh client library libssh2_org was updated to fix a security issue.

CVE-2015-1782: A malicious server could send a crafted SSH_MSG_KEXINIT
packet, that could lead to a buffer overread and to a crash of the
libssh2_org using application.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2015:275-1
Released:    Wed Mar 18 18:21:44 2015
Summary:     Recommended update for procps
Type:        recommended
Severity:    low
References:  901202,908516
Description:

This update for procps provides the following fixes:

- Add description of pgrep's --list-full parameter to usage instructions (--help). (bsc#901202)
- Fix handling of arguments to -s option in free(1). (bsc#908516)
- Correct package name in descriptions: procps, not props.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:194-1
Released:    Tue Mar 24 17:21:25 2015
Summary:     Security update for gd
Type:        security
Severity:    low
References:  923945,CVE-2014-9709
Description:

The graphics drawing library gd was updated to fix one security issue.

The following vulnerability was fixed:
* possible buffer read overflow (CVE-2014-9709)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:235-1
Released:    Wed Apr 29 19:05:01 2015
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  927556,927607,927608,927746,928533,CVE-2015-3143,CVE-2015-3144,CVE-2015-3145,CVE-2015-3148,CVE-2015-3153
Description:

curl was updated to fix five security issues.

The following vulnerabilities were fixed:

* CVE-2015-3143: curl could re-use NTML authenticateds connections
* CVE-2015-3144: curl could access memory out of bounds with zero length host names
* CVE-2015-3145: curl cookie parser could access memory out of boundary
* CVE-2015-3148: curl could treat Negotiate as not connection-oriented
* CVE-2015-3153: curl could have sent sensitive HTTP headers also to proxies

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:296-1
Released:    Thu Jun 11 15:46:59 2015
Summary:     Security update for libgcrypt
Type:        security
Severity:    moderate
References:  896202,896435,898003,899524,900275,900276,905483,920057,928740,929919,CVE-2014-3591
Description:


This update of libgcrypt fixes one security issue and brings various FIPS 140-2 related improvements.

libgcrypt now uses ciphertext blinding for Elgamal decryption (CVE-2014-3591)

FIPS 140-2 related changes:
* The library performs its self-tests when the module is complete (the -hmac file is also installed).

* Added a NIST 800-90a compliant DRBG.

* Change DSA key generation to be FIPS 186-4 compliant.

* Change RSA key generation to be FIPS 186-4 compliant.

* Enable HW support in fips mode (bnc#896435)

* Make DSA selftest use 2048 bit keys (bnc#898003)

* Added ECDSA selftests and add support for it to the CAVS testing
  framework (bnc#896202)

* Various CAVS testing improvements.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:366-1
Released:    Mon Jun 29 10:13:43 2015
Summary:     Security update for e2fsprogs
Type:        security
Severity:    low
References:  915402,918346,CVE-2015-0247,CVE-2015-1572
Description:


Two security issues were fixed in e2fsprogs:

Security issues fixed:

* CVE-2015-0247: Various heap overflows were fixed in e2fsprogs (fsck, dumpe2fs, e2image...).
* CVE-2015-1572: Fixed a potential buffer overflow in closefs() (bsc#918346 )

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2015:361-1
Released:    Wed Jul 15 08:26:27 2015
Summary:     Recommended update for gcc48, libffi48, libgcj48
Type:        recommended
Severity:    moderate
References:  889990,917169,919274,922534,924525,924687,927993,930176,934689
Description:


The system compiler gcc48 was updated to the GCC 4.8.5 release, fixing
a lot of bugs and bringing some improvements.

It includes various bug fixes found by our customers:

* Fixes bogus integer overflow in constant expression.  [bnc#934689]
* Fixes ICE with atomics on aarch64.  [bnc#930176]
* Includes fix for -imacros bug.  [bnc#917169]
* Includes fix for incorrect -Warray-bounds warnings.  [bnc#919274]
* Includes updated -mhotpatch for s390x.  [bnc#924525]
* Includes fix for ppc64le issue with doubleword vector extract.  [bnc#924687]
* Includes patches to allow building against ISL 0.14.
* Backport rework of the memory allocator for C++ exceptions used in OOM situations.  [bnc#889990]
* Fix a reload issue on S390 (GCC PR66306).
* Avoid accessing invalid memory when passing aggregates by value. [bnc#922534]
  
-----------------------------------------------------------------
Advisory ID: SUSE-OU-2015:422-1
Released:    Tue Jul 28 06:25:51 2015
Summary:     The Toolchain module containing GCC 5.2
Type:        optional
Severity:    low
References:  926412,936050,937823
Description:


This update contains the release of the new SUSE Linux Enterprise Toolchain module.

Its major feature is the GNU Compiler Collection 5.2, please see
https://gcc.gnu.org/gcc-5/changes.html for important changes.

This update also includes a version update of binutils to 2.25 release branch
to provide features and bugfixes.

Following features have been added to binutils:

* IBM zSeries z13 hardware support (fate#318036, bnc#936050).
* various IBM Power8 improvements (fate#318238, bnc#926412).
* AVX512 support on the Intel EM64T platform (fate#318520).


The GNU Debugger gdb was updated to version 7.9.1 bringing
various features and lots of bugfixes. Also IBM zSeries z13 hardware
support has been added to gdb. (fate#318039)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:500-1
Released:    Mon Aug 17 11:36:33 2015
Summary:     Security update for libgcrypt
Type:        security
Severity:    moderate
References:  920057,938343,CVE-2015-0837
Description:


This update fixes the following issues:

Security:
* Fixed data-dependent timing variations in modular exponentiation
  [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
   are Practical] (bsc#920057)

Bugfixes:
* don't drop privileges when locking secure memory (bsc#938343)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:473-1
Released:    Tue Aug 25 16:06:40 2015
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  914890,916927,CVE-2014-8127,CVE-2014-8128,CVE-2014-8129,CVE-2014-8130,CVE-2014-9655
Description:


LibTiff was updated to the 4.0.4 stable release fixing various security
issues and bugs.

These security issues were fixed:
- CVE-2014-8127: Out-of-bounds write (bnc#914890).
- CVE-2014-8128: Out-of-bounds write (bnc#914890).
- CVE-2014-8129: Out-of-bounds write (bnc#914890).
- CVE-2014-8130: Out-of-bounds write (bnc#914890).
- CVE-2014-9655: Access of uninitialized memory (bnc#916927).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2015:530-1
Released:    Wed Aug 26 03:07:07 2015
Summary:     Recommended update for sed
Type:        recommended
Severity:    low
References:  933029
Description:


This update for sed fixes the behavior of --follow-symlinks when reading from the
standard input (stdin).

The behavior of 'sed --follow-symlinks -' is now identical to 'sed -'. In both
cases, sed will read from the standard input and no longer from a file named '-'.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2015:568-1
Released:    Wed Sep 16 13:30:12 2015
Summary:     Recommended update for grep
Type:        recommended
Severity:    low
References:  920386
Description:

This update for grep fixes undefined behaviour with -P and non-utf-8 data.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:855-1
Released:    Wed Nov 18 10:41:00 2015
Summary:     Security update for libpng16
Type:        security
Severity:    moderate
References:  954980,CVE-2015-8126
Description:

The libpng16 package was updated to fix the following security issue:

- CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:922-1
Released:    Tue Dec 22 08:44:25 2015
Summary:     Security update for gpg2
Type:        security
Severity:    moderate
References:  918089,918090,952347,955753,CVE-2015-1606,CVE-2015-1607
Description:

The gpg2 package was updated to fix the following security and non security issues:

- CVE-2015-1606: Fixed invalid memory read using a garbled keyring (bsc#918089).
- CVE-2015-1607: Fixed memcpy with overlapping ranges (bsc#918090).

- bsc#955753: Fixed a regression of 'gpg --recv' due to keyserver import filter (also boo#952347). 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2015:869-1
Released:    Wed Dec 23 10:01:16 2015
Summary:     Recommended update for libksba
Type:        security
Severity:    moderate
References:  926826
Description:

The libksba package was updated to fix the following security issues:

- Fixed an integer overflow, an out of bounds read and a stack overflow issues (bsc#926826).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2015:862-1
Released:    Wed Dec 23 17:40:51 2015
Summary:     Recommended update for acl
Type:        recommended
Severity:    moderate
References:  945899
Description:

This update for acl provides the following fixes:

- Fix segmentation fault of getfacl -e on overly long group name.
- Make sure that acl_from_text() always sets errno when it fails.
- Fix memory and resource leaks in getfacl.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:16-1
Released:    Tue Jan  5 15:13:34 2016
Summary:     Security update for libpng16
Type:        security
Severity:    moderate
References:  954980,CVE-2015-8126
Description:


  This update fixes the following security issue:

  * CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions
    allow remote attackers to cause a denial of service (application crash) or possibly have 
    unspecified other impact [bsc#954980]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:46-1
Released:    Fri Jan  8 12:37:34 2016
Summary:     Recommended update for gcr, gnome-keyring, libgcrypt, libsecret
Type:        recommended
Severity:    moderate
References:  932232
Description:


This update for gcr, gnome-keyring, libgcrypt, libsecret fixes issues when the system
operates in FIPS mode.

The various GNOME libraries and tool have been changed to use the default libgcrypt
allocators.

GNOME keyring was changed not to use MD5 anymore.

libgcrypt was adjusted to free the DRBG on exit to avoid crashes.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:104-1
Released:    Mon Jan 18 18:38:06 2016
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  942690,960341,CVE-2015-7554
Description:


This update to tiff 4.0.6 fixes the following issues:

- CVE-2015-7554: Out-of-bounds write in the thumbnail and tiffcmp tools allowed attacker to cause a denial of service or have unspecified further impact (bsc#960341)
- bsc#942690: potential out-of-bound write in NeXTDecode() (#2508)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:201-1
Released:    Thu Feb  4 15:51:22 2016
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  934333,936676,962983,962996,CVE-2016-0755
Description:


This update for curl fixes the following issues:

- CVE-2016-0755: libcurl would reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer (bsc#962983)

The following non-security bugs were fixed:

- bsc#936676: secure_getenv or __secure_getenv may not be detected correctly at build time

The following tracked bugs only affect the test suite:

- bsc#962996: Expired cookie in test 46 caused test failures
- bsc#934333: Curl test suite was not run, is now enabled during build

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:371-1
Released:    Thu Mar  3 15:58:18 2016
Summary:     Recommended update for insserv-compat
Type:        recommended
Severity:    low
References:  960820
Description:


This update for insserv-compat fixes the name of the ntpd service.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:413-1
Released:    Fri Mar 11 10:17:57 2016
Summary:     Security update for libssh2_org
Type:        security
Severity:    moderate
References:  933336,961964,967026,CVE-2016-0787
Description:


This update for libssh2_org fixes the following issues: 

Security issue fixed:
- CVE-2016-0787 (bsc#967026):
  Weakness in diffie-hellman secret key generation lead to much shorter DH groups
  then needed, which could be used to retrieve server keys.

A feature was added:
- Support of SHA256 digests for DH group exchanges was added (fate#320343, bsc#961964)

Bug fixed:
- Properly detect EVP_aes_128_ctr at configure time (bsc#933336)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:462-1
Released:    Wed Mar 16 18:17:59 2016
Summary:     Recommended update for libcap
Type:        recommended
Severity:    low
References:  967838
Description:


This update for libcap adds two new capabilities (CAP_WAKE_ALARM and CAP_BLOCK_SUSPEND)
which are available in Linux Kernel 3.12.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:543-1
Released:    Fri Apr  1 18:44:16 2016
Summary:     Recommended update for libgcrypt
Type:        recommended
Severity:    moderate
References:  970882
Description:


This update for libgcrypt fixes a crash in GPG key generation when operating in FIPS mode. (bsc#970882)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:565-1
Released:    Wed Apr  6 16:26:42 2016
Summary:     Security update for gcc5
Type:        security
Severity:    moderate
References:  939460,945842,952151,953831,954002,955382,962765,964468,966220,968771,CVE-2015-5276
Description:


The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes
and enhancements.

The following security issue has been fixed:

- Fix C++11 std::random_device short read issue that could lead to predictable
  randomness. (CVE-2015-5276, bsc#945842)

The following non-security issues have been fixed:

- Enable frame pointer for TARGET_64BIT_MS_ABI when stack is misaligned. Fixes internal
  compiler error when building Wine. (bsc#966220)
- Fix a PowerPC specific issue in gcc-go that broke compilation of newer versions of
  Docker. (bsc#964468)
- Fix HTM built-ins on PowerPC. (bsc#955382)
- Fix libgo certificate lookup. (bsc#953831)
- Suppress deprecated-declarations warnings for inline definitions of deprecated virtual
  methods. (bsc#939460)
- Build s390[x] with '--with-tune=z9-109 --with-arch=z900' on SLE11 again. (bsc#954002)
- Revert accidental libffi ABI breakage on aarch64. (bsc#968771)
- On x86_64, set default 32bit code generation to -march=x86-64 rather than -march=i586.
- Add experimental File System TS library.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:636-1
Released:    Mon Apr 18 09:18:19 2016
Summary:     Security update for libgcrypt
Type:        security
Severity:    moderate
References:  965902,CVE-2015-7511
Description:

libgcrypt was updated to fix one security issue.

This security issue was fixed:
- CVE-2015-7511: Side-channel attack on ECDH with Weierstrass curves (bsc#965902).
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:643-1
Released:    Tue Apr 19 09:23:39 2016
Summary:     Recommended update for bzip2
Type:        recommended
Severity:    low
References:  970260
Description:


This update for bzip2 fixes the following issues:

- Fix bzgrep wrapper that always returns 0 as exit code when working on multiple
  archives, even when the pattern is not found.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:697-1
Released:    Thu Apr 28 16:03:24 2016
Summary:     Recommended update for libssh2_org
Type:        recommended
Severity:    important
References:  974691
Description:


This update for libssh2_org fixes a regression introduced by a previous update
which could result in a segmentation fault in EVP_DigestInit_Ex().

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:801-1
Released:    Thu May 19 22:38:01 2016
Summary:     Recommended update for curl
Type:        recommended
Severity:    moderate
References:  915846
Description:


This update for curl fixes the following issue:

- Fix 'Network is unreachable' error when ipv6 is not available but ipv4.
  This fixes the same error in applications using libcurl4 (like zypper). (bsc#915846)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:835-1
Released:    Wed May 25 18:27:30 2016
Summary:     Recommended update for libgcrypt
Type:        recommended
Severity:    moderate
References:  979629
Description:


This update for libgcrypt fixes the following issue:

- Fix failing reboot after installing fips pattern (bsc#979629) 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:898-1
Released:    Tue Jun  7 09:48:12 2016
Summary:     Security update for expat
Type:        security
Severity:    important
References:  979441,980391,CVE-2015-1283,CVE-2016-0718
Description:


This update for expat fixes the following issues: 

Security issue fixed:
- CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. (bsc#979441)
- CVE-2015-1283: Fix multiple integer overflows. (bnc#980391)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:900-1
Released:    Tue Jun  7 10:58:37 2016
Summary:     Security update for libksba
Type:        security
Severity:    moderate
References:  979261,979906,CVE-2016-4574,CVE-2016-4579
Description:


This update for libksba fixes the following issues:

- CVE-2016-4579: Out-of-bounds read in _ksba_ber_parse_tl()
- CVE-2016-4574: two OOB read access bugs (remote DoS) (bsc#979261)

Also adding reliability fixes from v1.3.4.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:987-1
Released:    Wed Jun 22 14:32:18 2016
Summary:     Recommended update for procps
Type:        recommended
Severity:    low
References:  981616
Description:


This update for procps fixes the following issues:

- Improve pmap(1) to be compatible with kernel 4.4. (bsc#981616)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:1028-1
Released:    Thu Jul  7 11:50:47 2016
Summary:     Recommended update for findutils
Type:        recommended
Severity:    moderate
References:  986935
Description:


This update for findutils fixes the following issues:

- find -exec + would not pass all arguments for certain specific filename lengths (bsc#986935)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:1124-1
Released:    Fri Jul 29 13:27:52 2016
Summary:     Recommended update for libxcb
Type:        recommended
Severity:    low
References:  984368
Description:


This update for libxcb provides the following fixes:

- Fix encoding of 64-bit elements in PRESENT extension. (bsc#984368)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:1126-1
Released:    Sat Jul 30 00:39:03 2016
Summary:     Recommended update for kmod
Type:        recommended
Severity:    low
References:  983754,989788
Description:


This update for kmod fixes libkmod to handle very long lines in /proc/modules.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:1205-1
Released:    Thu Aug 11 15:02:18 2016
Summary:     Recommended update for rpm
Type:        recommended
Severity:    low
References:  829717,894610,940315,953532,965322,967728
Description:


This update for rpm provides the following fixes:

- Add is_opensuse and leap_version macros to suse_macros. (bsc#940315)
- Add option to make postinstall scriptlet errors fatal. (bsc#967728)
- Normalize big blocksizes to 4096 bytes. (bsc#894610, bsc#829717, bsc#965322)
- Fix updating of sources/patches when recursing because of a BuildArch. (bsc#953532)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1228-1
Released:    Tue Aug 16 09:29:01 2016
Summary:     Security update for libidn
Type:        security
Severity:    moderate
References:  923241,990189,990190,990191,CVE-2015-2059,CVE-2015-8948,CVE-2016-6261,CVE-2016-6262,CVE-2016-6263
Description:


This update for libidn fixes the following issues:

- CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input (bsc#990189)

- CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i (bsc#990190) 

- CVE-2016-6263: stringprep_utf8_nfkc_normalize reject invalid UTF-8 (bsc#990191)

- CVE-2015-2059: out-of-bounds read with stringprep on invalid UTF-8 (bsc#923241) 


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1247-1
Released:    Fri Aug 19 12:58:39 2016
Summary:     Security update for cracklib
Type:        security
Severity:    moderate
References:  992966,CVE-2016-6318
Description:


This update for cracklib fixes the following issues:

- Add patch to fix a buffer overflow in GECOS parser (bsc#992966 CVE-2016-6318)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1326-1
Released:    Thu Sep  8 11:37:44 2016
Summary:     Security update for perl
Type:        security
Severity:    moderate
References:  928292,932894,967082,984906,987887,988311,CVE-2015-8853,CVE-2016-1238,CVE-2016-2381,CVE-2016-6185
Description:


This update for Perl fixes the following issues:

- CVE-2016-6185: Xsloader looking at a '(eval)' directory. (bsc#988311)
- CVE-2016-1238: Searching current directory for optional modules. (bsc#987887)
- CVE-2015-8853: Regular expression engine hanging on bad utf8. (bsc)
- CVE-2016-2381: Environment dup handling bug. (bsc#967082)
- 'Insecure dependency in require' error in taint mode. (bsc#984906)
- Memory leak in 'use utf8' handling. (bsc#928292)
- Missing lock prototype to the debugger. (bsc#932894)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1330-1
Released:    Fri Sep  9 09:00:53 2016
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  964225,973340,984808,984831,984837,984842,987351,CVE-2015-8781,CVE-2015-8782,CVE-2015-8783,CVE-2016-3186,CVE-2016-5314,CVE-2016-5316,CVE-2016-5317,CVE-2016-5320,CVE-2016-5875
Description:


This update for tiff fixes the following issues:

* CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds writes for invalid images (bsc#964225)
* CVE-2016-3186: Buffer overflow in gif2tiff (bnc#973340).
* CVE-2016-5875: heap-based buffer overflow when using the PixarLog compressionformat (bsc#987351)
* CVE-2016-5316: Out-of-bounds read in PixarLogCleanup() function in tif_pixarlog.c (bsc#984837)
* CVE-2016-5314: Out-of-bounds write in PixarLogDecode() function (bsc#984831)
* CVE-2016-5317: Out-of-bounds write in PixarLogDecode() function in libtiff.so (bsc#984842)
* CVE-2016-5320: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c (bsc#984808) 


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1347-1
Released:    Wed Sep 14 09:12:04 2016
Summary:     Security update for gd
Type:        security
Severity:    moderate
References:  982176,987577,988032,991436,991622,991710,995034,CVE-2016-5116,CVE-2016-6128,CVE-2016-6132,CVE-2016-6161,CVE-2016-6207,CVE-2016-6214,CVE-2016-6905
Description:


This update for gd fixes the following issues:

  * CVE-2016-6214: Buffer over-read issue when parsing crafted TGA file [bsc#991436]
  * CVE-2016-6132: read out-of-bands was found in the parsing of TGA files using libgd [bsc#987577]
  * CVE-2016-6128: Invalid color index not properly handled [bsc#991710]
  * CVE-2016-6207: Integer overflow error within _gdContributionsAlloc() [bsc#991622]
  * CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif [bsc#988032]
  * CVE-2016-5116: avoid stack overflow (read) with large names [bsc#982176]
  * CVE-2016-6905: Out-of-bounds read in function read_image_tga in gd_tga.c [bsc#995034]


-----------------------------------------------------------------
Advisory ID: SUSE-OU-2016:1358-1
Released:    Thu Sep 15 20:54:21 2016
Summary:     Optional update for gcc6
Type:        optional
Severity:    low
References:  983206
Description:


This update ships the GNU Compiler Collection (GCC) in version 6.2.

This update is shipped in two parts:

- SUSE Linux Enterprise Server 12 and Desktop:

  The runtime libraries libgcc_s1, libstdc++6, libatomic1, libgomp1, libitm1
  and some others can now be used by GCC 6 built binaries.

- SUSE Linux Enterprise 12 Toolchain Module:

  The Toolchain module received the GCC 6 compiler suite with this update.

Changes:

- The default mode for C++ is now -std=gnu++14 instead of -std=gnu++98.

Generic Optimization improvements:

- UndefinedBehaviorSanitizer gained a new sanitization option,
  -fsanitize=bounds-strict, which enables strict checking of array
  bounds. In particular, it enables -fsanitize=bounds as well as
  instrumentation of flexible array member-like arrays.
- Type-based alias analysis now disambiguates accesses to different
  pointers. This improves precision of the alias oracle by about 20-30%
  on higher-level C++ programs. Programs doing invalid type punning of
  pointer types may now need -fno-strict-aliasing to work correctly.
- Alias analysis now correctly supports weakref and alias attributes. This
  makes it possible to access both a variable and its alias in one
  translation unit which is common with link-time optimization.
- Value range propagation now assumes that the this pointer of C++
  member functions is non-null. This eliminates common null pointer checks
  but also breaks some non-conforming code-bases (such as Qt-5, Chromium,
  KDevelop). As a temporary work-around -fno-delete-null-pointer-checks
  can be used. Wrong code can be identified by using -fsanitize=undefined.
- Various Link-time optimization improvements.
- Inter-procedural optimization improvements:
    - Basic jump threading is now performed before profile construction
      and inline analysis, resulting in more realistic size and time
      estimates that drive the heuristics of the of inliner and function
      cloning passes.
    - Function cloning now more aggressively eliminates unused function
      parameters.
- Compared to GCC 5, the GCC 6 release series includes a much improved
  implementation of the OpenACC 2.0a specification.

C language specific improvements:

- Version 4.5 of the OpenMP specification is now supported in the C and C++ compilers.
- Source locations for the C and C++ compilers are now tracked as ranges,
  rather than just points, making it easier to identify the subexpression
  of interest within a complicated expression. In addition, there is
  now initial support for precise diagnostic locations within strings,
- Diagnostics can now contain 'fix-it hints', which are displayed in
  context underneath the relevant source code.
- The C and C++ compilers now offer suggestions for misspelled field names.
- New command-line options have been added for the C and C++ compilers:
    - -Wshift-negative-value warns about left shifting a negative value.
    - -Wshift-overflow warns about left shift overflows. This warning is
      enabled by default. -Wshift-overflow=2 also warns about left-shifting
      1 into the sign bit.
    - -Wtautological-compare warns if a self-comparison always evaluates
      to true or false. This warning is enabled by -Wall.
    - -Wnull-dereference warns if the compiler detects paths that
      trigger erroneous or undefined behavior due to dereferencing a null
      pointer. This option is only active when -fdelete-null-pointer-checks
      is active, which is enabled by optimizations in most targets. The
      precision of the warnings depends on the optimization options used.
    - -Wduplicated-cond warns about duplicated conditions in an if-else-if chain.
    - -Wmisleading-indentation warns about places where the indentation
      of the code gives a misleading idea of the block structure of the
      code to a human reader. This warning is enabled by -Wall.
- The C and C++ compilers now emit saner error messages if merge-conflict markers
  are present in a source file.

C improvements:

- It is possible to disable warnings when an initialized field
  of a structure or a union with side effects is being overridden
  when using designated initializers via a new warning option
  -Woverride-init-side-effects.
- A new type attribute scalar_storage_order applying to structures
  and unions has been introduced. It specifies the storage order (aka
  endianness) in memory of scalar fields in structures or unions.

C++ improvements:

- The default mode has been changed to -std=gnu++14.
- C++ Concepts are now supported when compiling with -fconcepts.
- -flifetime-dse is more aggressive in dead-store elimination in situations where
  a memory store to a location precedes a constructor to that memory location.
- G++ now supports C++17 fold expressions, u8 character literals, extended static_assert,
  and nested namespace definitions.
- G++ now allows constant evaluation for all non-type template arguments.
- G++ now supports C++ Transactional Memory when compiling with -fgnu-tm.

libstdc++ improvements:

- Extensions to the C++ Library to support mathematical special functions
  (ISO/IEC 29124:2010), thanks to Edward Smith-Rowland.
- Experimental support for C++17.
- An experimental implementation of the File System TS.
- Experimental support for most features of the second version of the
  Library Fundamentals TS. This includes polymorphic memory resources and
  array support in shared_ptr, thanks to Fan You.
- Some assertions checked by Debug Mode can now also be enabled by
  _GLIBCXX_ASSERTIONS. The subset of checks enabled by the new macro have
  less run-time overhead than the full _GLIBCXX_DEBUG checks and don't
  affect the library ABI, so can be enabled per-translation unit.

Fortran improvements:

- Fortran 2008 SUBMODULE support.
- Fortran 2015 EVENT_TYPE, EVENT_POST, EVENT_WAIT, and EVENT_QUERY support.
- Improved support for Fortran 2003 deferred-length character variables.
- Improved support for OpenMP and OpenACC.
- The MATMUL intrinsic is now inlined for straightforward cases if
  front-end optimization is active. The maximum size for inlining can be
  set to n with the -finline-matmul-limit=n option and turned off with
  -finline-matmul-limit=0.
- The -Wconversion-extra option will warn about REAL constants which
  have excess precision for their kind.
- The -Winteger-division option has been added, which warns about
  divisions of integer constants which are truncated. This option is
  included in -Wall by default.

Architecture improvements:

- AArch64 received a lot of improvements.

IA-32/x86-64 improvements:

- GCC now supports the Intel CPU named Skylake with AVX-512 extensions
  through -march=skylake-avx512. The switch enables the following ISA
  extensions: AVX-512F, AVX512VL, AVX-512CD, AVX-512BW, AVX-512DQ.
- Support for new AMD instructions monitorx and mwaitx has been
  added. This includes new intrinsic and built-in support. It is enabled
  through option -mmwaitx. The instructions monitorx and mwaitx implement
  the same functionality as the old monitor and mwait instructions. In
  addition mwaitx adds a configurable timer. The timer value is received
  as third argument and stored in register %ebx.
- x86-64 targets now allow stack realignment from a word-aligned stack
  pointer using the command-line option -mstackrealign or __attribute__
  ((force_align_arg_pointer)). This allows functions compiled with
  a vector-aligned stack to be invoked from objects that keep only
  word-alignment.
- Support for address spaces __seg_fs, __seg_gs, and __seg_tls. These
  can be used to access data via the %fs and %gs segments without having
  to resort to inline assembly.
- Support for AMD Zen (family 17h) processors is now available through
  the -march=znver1 and -mtune=znver1 options.

PowerPC / PowerPC64 / RS6000 improvements:

- PowerPC64 now supports IEEE 128-bit floating-point using the
  __float128 data type. In GCC 6, this is not enabled by default, but you
  can enable it with -mfloat128. The IEEE 128-bit floating-point support
  requires the use of the VSX instruction set. IEEE 128-bit floating-point
  values are passed and returned as a single vector value. The software
  emulator for IEEE 128-bit floating-point support is only built on
  PowerPC GNU/Linux systems where the default CPU is at least power7. On
  future ISA 3.0 systems (POWER 9 and later), you will be able to use the
  -mfloat128-hardware option to use the ISA 3.0 instructions that support
  IEEE 128-bit floating-point. An additional type (__ibm128) has been added
  to refer to the IBM extended double type that normally implements long
  double. This will allow for a future transition to implementing long
  double with IEEE 128-bit floating-point.
- Basic support has been added for POWER9 hardware that will use the
  recently published OpenPOWER ISA 3.0 instructions. The following new
  switches are available:
     - -mcpu=power9: Implement all of the ISA 3.0 instructions supported by
       the compiler.
     - -mtune=power9: In the future, apply tuning for POWER9 systems. Currently,
       POWER8 tunings are used.
     - -mmodulo: Generate code using the ISA 3.0 integer instructions (modulus,
       count trailing zeros, array index support, integer multiply/add).
     - -mpower9-fusion: Generate code to suitably fuse instruction sequences for
       a POWER9 system.
     - -mpower9-dform: Generate code to use the new D-form (register+offset) memory
       instructions for the vector registers.
     - -mpower9-vector: Generate code using the new ISA 3.0 vector (VSX or Altivec)
       instructions.
     - -mpower9-minmax: Reserved for future development.
     - -mtoc-fusion: Keep TOC entries together to provide more fusion opportunities.
- New constraints have been added to support IEEE 128-bit floating-point and ISA 3.0
  instructions.
- Support has been added for __builtin_cpu_is() and __builtin_cpu_supports(),
  allowing for very fast access to AT_PLATFORM, AT_HWCAP, and AT_HWCAP2 values.
  This requires use of glibc 2.23 or later.
- All hardware transactional memory builtins now correctly behave as
  memory barriers. Programmers can use #ifdef __TM_FENCE__ to determine
  whether their 'old' compiler treats the builtins as barriers.
- Split-stack support has been added for gccgo on PowerPC64 for both
  big- and little-endian (but not for 32-bit). The gold linker from at
  least binutils 2.25.1 must be available in the PATH when configuring and
  building gccgo to enable split stack. (The requirement for binutils 2.25.1
  applies to PowerPC64 only.) The split-stack feature allows a small initial
  stack size to be allocated for each goroutine, which increases as needed.
- GCC on PowerPC now supports the standard lround function.
- The 'q', 'S', 'T', and 't' asm-constraints have been removed.
- The 'b', 'B', 'm', 'M', and 'W' format modifiers have been removed.

S/390, System z, IBM z Systems improvements:

- Support for the IBM z13 processor has been added. When using the
  -march=z13 option, the compiler will generate code making use of the
  new instructions and registers introduced with the vector extension
  facility. The -mtune=z13 option enables z13 specific instruction
  scheduling without making use of new instructions.
- Compiling code with -march=z13 reduces the default alignment of vector
  types bigger than 8 bytes to 8. This is an ABI change and care must be
  taken when linking modules compiled with different arch levels which
  interchange variables containing vector type values. For newly compiled
  code the GNU linker will emit a warning.
- The -mzvector option enables a C/C++ language extension. This extension
  provides a new keyword vector which can be used to define vector type
  variables. (Note: This is not available when enforcing strict standard
  compliance e.g. with -std=c99. Either enable GNU extensions with
  e.g. -std=gnu99 or use __vector instead of vector.)
- Additionally a set of overloaded builtins is provided which is partially
  compatible to the PowerPC Altivec builtins. In order to make use of
  these builtins the vecintrin.h header file needs to be included.
- The new command line options -march=native, and -mtune=native are now
  available on native IBM z Systems. Specifying these options will cause
  GCC to auto-detect the host CPU and rewrite these options to the optimal
  setting for that system. If GCC is unable to detect the host CPU these
  options have no effect.
- The IBM z Systems port now supports target attributes and
  pragmas. Please refer to the documentation for details of available
  attributes and pragmas as well as usage instructions.
- -fsplit-stack is now supported as part of the IBM z Systems port. This
  feature requires a recent gold linker to be used.
- Support for the g5 and g6 -march=/-mtune= CPU level switches has been
  deprecated and will be removed in a future GCC release. -m31 from now
  on defaults to -march=z900 if not specified otherwise. -march=native on
  a g5/g6 machine will default to -march=z900.

An even more detailed list of features can be found at:
https://gcc.gnu.org/gcc-6/changes.html

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1364-1
Released:    Fri Sep 16 17:13:43 2016
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  991389,991390,991391,991746,997420,CVE-2016-5419,CVE-2016-5420,CVE-2016-5421,CVE-2016-7141
Description:


This update for curl fixes the following issues:

Security issues fixed:
- CVE-2016-5419: TLS session resumption client cert bypass (bsc#991389)
- CVE-2016-5420: Re-using connections with wrong client cert (bsc#991390)
- CVE-2016-5421: use of connection struct after free (bsc#991391)
- CVE-2016-7141: Fixed incorrect reuse of client certificates with NSS (bsc#997420)

Also the following bug was fixed:
- fixing a performance issue (bsc#991746)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1370-1
Released:    Wed Sep 21 12:58:14 2016
Summary:     Security update for libgcrypt
Type:        security
Severity:    moderate
References:  994157,CVE-2016-6313
Description:


This update for libgcrypt fixes the following issues:

  - RNG prediction vulnerability (bsc#994157, CVE-2016-6313)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1461-1
Released:    Wed Oct 12 11:31:33 2016
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  974449,974614,974618,975069,975070,CVE-2016-3622,CVE-2016-3623,CVE-2016-3945,CVE-2016-3990,CVE-2016-3991
Description:

This update for tiff fixes the following security issues:

- CVE-2016-3622: Specially crafted TIFF images could trigger a crash in tiff2rgba (bsc#974449)
- Various out-of-bound write vulnerabilities with unspecified impact (MSVR 35093, MSVR 35094, MSVR 35095, MSVR 35096, MSVR 35097, MSVR 35098)
- CVE-2016-3623: Specially crafted TIFF images could trigger a crash in rgb2ycbcr (bsc#974618)
- CVE-2016-3945: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution via tiff2rgba (bsc#974614)
- CVE-2016-3990: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution (bsc#975069)
- CVE-2016-3991: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution via the tiffcrop tool (bsc#975070)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1464-1
Released:    Wed Oct 12 11:36:01 2016
Summary:     Security update for X Window System client libraries
Type:        security
Severity:    moderate
References:  1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023,CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953
Description:

This update for the X Window System client libraries fixes a class of privilege escalation issues.

A malicious X Server could send specially crafted data to X clients, which allowed for triggering crashes, or privilege escalation if this relationship was untrusted or crossed user or permission level boundaries.

libX11, libXfixes, libXi, libXrandr, libXrender, libXtst, libXv, libXvMC were fixed, specifically:

libX11:
- CVE-2016-7942: insufficient validation of data from the X server allowed out of boundary memory read (bsc#1002991)

libXfixes:
- CVE-2016-7944: insufficient validation of data from the X server can cause an integer overflow on 32 bit architectures (bsc#1002995)

libXi:
- CVE-2016-7945, CVE-2016-7946: insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service) (bsc#1002998)

libXtst:
- CVE-2016-7951, CVE-2016-7952: insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service) (bsc#1003012)

libXv:
- CVE-2016-5407: insufficient validation of data from the X server can cause out of boundary memory and memory corruption (bsc#1003017)

libXvMC:
- CVE-2016-7953: insufficient validation of data from the X server can cause a one byte buffer read underrun (bsc#1003023)

libXrender:
- CVE-2016-7949, CVE-2016-7950: insufficient validation of data from the X server can cause out of boundary memory writes (bsc#1003002)

libXrandr:
- CVE-2016-7947, CVE-2016-7948: insufficient validation of data from the X server can cause out of boundary memory writes (bsc#1003000)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1571-1
Released:    Fri Oct 28 14:54:49 2016
Summary:     Security update for gd
Type:        security
Severity:    important
References:  1001900,1004924,1005274,CVE-2016-6911,CVE-2016-7568,CVE-2016-8670
Description:


This update for gd fixes the following security issues:

- CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code
                 when the image is converted to webp (bsc#1001900)
- CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924)
- CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf() (bsc#1005274)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1591-1
Released:    Wed Nov  2 12:07:51 2016
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1005633,1005634,1005635,1005637,1005638,1005640,1005642,1005643,1005645,1005646,998760,CVE-2016-7167,CVE-2016-8615,CVE-2016-8616,CVE-2016-8617,CVE-2016-8618,CVE-2016-8619,CVE-2016-8620,CVE-2016-8621,CVE-2016-8622,CVE-2016-8623,CVE-2016-8624
Description:

This update for curl fixes the following security issues:

- CVE-2016-8624: invalid URL parsing with '#' (bsc#1005646)
- CVE-2016-8623: Use-after-free via shared cookies (bsc#1005645)
- CVE-2016-8622: URL unescape heap overflow via integer truncation (bsc#1005643)
- CVE-2016-8621: curl_getdate read out of bounds (bsc#1005642)
- CVE-2016-8620: glob parser write/read out of bounds (bsc#1005640)
- CVE-2016-8619: double-free in krb5 code (bsc#1005638)
- CVE-2016-8618: double-free in curl_maprintf (bsc#1005637)
- CVE-2016-8617: OOB write via unchecked multiplication (bsc#1005635)
- CVE-2016-8616: case insensitive password comparison (bsc#1005634)
- CVE-2016-8615: cookie injection for other servers (bsc#1005633)
- CVE-2016-7167: escape and unescape integer overflows (bsc#998760)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:1614-1
Released:    Mon Nov  7 20:01:31 2016
Summary:     Recommended update for shadow
Type:        recommended
Severity:    low
References:  1002975
Description:


This update for shadow fixes the following issues:

- Set file modes according to the permissions package and don't attempt to
  manipulate them in %files section. (bsc#1002975)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:1641-1
Released:    Thu Nov 10 20:02:04 2016
Summary:     Recommended update for sg3_utils
Type:        recommended
Severity:    moderate
References:  1006469,958369,979436
Description:


This update for sg3_utils provides the following fixes:

- Adjust 55-scsi-sg3_id.rules to correctly handle VPD page 0x80. This issue could
  prevent some IBM Power systems from booting after installation. (bsc#1006469)
- Fix 55-scsi_sg3_id.rules to skip sg_inq on recent kernels. (bsc#979436)
- In some circumstances, the rescan-scsi-bus.sh script failed to identify new LUNs
  that have been added to the server. (bsc#958369)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1668-1
Released:    Thu Nov 17 14:34:38 2016
Summary:     Security update for X Window System client libraries
Type:        security
Severity:    moderate
References:  1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023,CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953
Description:


This update for the X Window System client libraries fixes a class of privilege escalation issues.

A malicious X Server could send specially crafted data to X clients, which allowed for triggering
crashes, or privilege escalation if this relationship was untrusted or crossed user or permission
level boundaries.

libX11, libXfixes, libXi, libXrandr, libXrender, libXtst, libXv, libXvMC were fixed, specifically:

libX11:
- CVE-2016-7942: insufficient validation of data from the X server allowed out of boundary memory
  read (bsc#1002991)

libXfixes:
- CVE-2016-7944: insufficient validation of data from the X server can cause an integer overflow
  on 32 bit architectures (bsc#1002995)

libXi:
- CVE-2016-7945, CVE-2016-7946: insufficient validation of data from the X server can cause out of
  boundary memory access or endless loops (Denial of Service) (bsc#1002998)

libXtst:
- CVE-2016-7951, CVE-2016-7952: insufficient validation of data from the X server can cause out of
  boundary memory access or endless loops (Denial of Service) (bsc#1003012)

libXv:
- CVE-2016-5407: insufficient validation of data from the X server can cause out of boundary memory
  and memory corruption (bsc#1003017)

libXvMC:
- CVE-2016-7953: insufficient validation of data from the X server can cause a one byte buffer read
  underrun (bsc#1003023)

libXrender:
- CVE-2016-7949, CVE-2016-7950: insufficient validation of data from the X server can cause out of
  boundary memory writes (bsc#1003002)

libXrandr:
- CVE-2016-7947, CVE-2016-7948: insufficient validation of data from the X server can cause out of
  boundary memory writes (bsc#1003000)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1744-1
Released:    Fri Dec  2 11:42:41 2016
Summary:     Security update for pcre
Type:        security
Severity:    moderate
References:  906574,924960,933288,933878,936227,942865,957566,957567,957598,957600,960837,971741,972127,CVE-2014-8964,CVE-2015-2325,CVE-2015-2327,CVE-2015-2328,CVE-2015-3210,CVE-2015-3217,CVE-2015-5073,CVE-2015-8380,CVE-2015-8381,CVE-2015-8382,CVE-2015-8383,CVE-2015-8384,CVE-2015-8385,CVE-2015-8386,CVE-2015-8387,CVE-2015-8388,CVE-2015-8389,CVE-2015-8390,CVE-2015-8391,CVE-2015-8392,CVE-2015-8393,CVE-2015-8394,CVE-2015-8395,CVE-2016-1283,CVE-2016-3191
Description:


This update for pcre to version 8.39 (bsc#972127) fixes several issues.

If you use pcre extensively please be aware that this is an update to a new version. Please
make sure that your software works with the updated version.

This version fixes a number of vulnerabilities that affect pcre
and applications using the libary when accepting untrusted input
as regular expressions or as part thereof. Remote attackers could
have caused the application to crash, disclose information or
potentially execute arbitrary code. These security issues were fixed:

- CVE-2014-8964: Heap-based buffer overflow in PCRE allowed remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats (bsc#906574).
- CVE-2015-2325: Heap buffer overflow in compile_branch() (bsc#924960).
- CVE-2015-3210: Heap buffer overflow in pcre_compile2() / compile_regex() (bsc#933288)
- CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match() (bsc#933878).
- CVE-2015-5073: Library Heap Overflow Vulnerability in find_fixedlength() (bsc#936227).
- bsc#942865: heap overflow in compile_regex()
- CVE-2015-8380: The pcre_exec function in pcre_exec.c mishandled a // pattern with a \01 string, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror (bsc#957566).
- CVE-2015-2327: PCRE mishandled certain patterns with internal recursive back references, which allowed remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror (bsc#957567).
- bsc#957598: Various security issues 
- CVE-2015-8381: Heap Overflow in compile_regex() (bsc#957598).
- CVE-2015-8382: Regular Expression Uninitialized Pointer Information Disclosure Vulnerability (ZDI-CAN-2547)(bsc#957598).
- CVE-2015-8383: Buffer overflow caused by repeated conditional group(bsc#957598).
- CVE-2015-8384: Buffer overflow caused by recursive back reference by name within certain group(bsc#957598).
- CVE-2015-8385: Buffer overflow caused by forward reference by name to certain group(bsc#957598).
- CVE-2015-8386: Buffer overflow caused by lookbehind assertion(bsc#957598).
- CVE-2015-8387: Integer overflow in subroutine calls(bsc#957598).
- CVE-2015-8388: Buffer overflow caused by certain patterns with an unmatched closing parenthesis(bsc#957598).
- CVE-2015-8389: Infinite recursion in JIT compiler when processing certain patterns(bsc#957598).
- CVE-2015-8390: Reading from uninitialized memory when processing certain patterns(bsc#957598).
- CVE-2015-8391: Some pathological patterns causes pcre_compile() to run for a very long time(bsc#957598).
- CVE-2015-8392: Buffer overflow caused by certain patterns with duplicated named groups(bsc#957598).
- CVE-2015-8393: Information leak when running pcgrep -q on crafted binary(bsc#957598).
- CVE-2015-8394: Integer overflow caused by missing check for certain conditions(bsc#957598).
- CVE-2015-8395: Buffer overflow caused by certain references(bsc#957598).
- CVE-2015-2328: PCRE mishandled the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allowed remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression (bsc#957600).
- CVE-2016-1283: The pcre_compile2 function in pcre_compile.c in PCRE mishandled certain patterns with named subgroups, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression (bsc#960837).
- CVE-2016-3191: The compile_branch function in pcre_compile.c in pcre2_compile.c mishandled patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allowed remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression (bsc#971741).

These non-security issues were fixed:
- JIT compiler improvements
- performance improvements
- The Unicode data tables have been updated to Unicode 7.0.0.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1749-1
Released:    Mon Dec  5 09:28:00 2016
Summary:     Security update for libX11
Type:        security
Severity:    moderate
References:  1002991,CVE-2016-7942
Description:


libX11 was updated to fix a memory leak that was introduced with the
security fix for CVE-2016-7942.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:1782-1
Released:    Fri Dec  9 13:35:02 2016
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1001790,1004289,1005404,1006372,1006690,989831,991443
Description:


This update for systemd provides the following fixes:

- Allow to redirect confirmation messages to a different console. (bsc#1006690)
- Do not bind a mount unit to a device, if it was from mountinfo. (bsc#989831)
- Decrease systemd-nspawn's non-fatal mount errors to debug level. (bsc#1004289)
- Don't emit space usage message right after opening the persistent journal. (bsc#991443)
- Change owner of /var/log/journal/remote and create /var/lib/systemd/journal-upload.
  (bsc#1006372)
- Document that *KeyIgnoreInhibited only apply to a subset of locks.
- Revert 'logind: really handle *KeyIgnoreInhibited options in logind.conf'.
  (bsc#1001790, bsc#1005404)
- Revert 'kbd-model-map: add more mappings offered by Yast'.
- Don't busy loop when we get a notification message we can't process.
- Rename kbd-model-map-extra into kbd-model-map.legacy.
- Add kbd-model-map-extra file which contains the additional maps needed by YaST.
- Drop localfs.service: unused and not needed anymore.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1827-1
Released:    Thu Dec 15 12:41:10 2016
Summary:     Security update for pcre
Type:        security
Severity:    moderate
References:  906574,924960,933288,933878,936227,942865,957566,957567,957598,957600,960837,971741,972127,CVE-2014-8964,CVE-2015-2325,CVE-2015-2327,CVE-2015-2328,CVE-2015-3210,CVE-2015-3217,CVE-2015-5073,CVE-2015-8380,CVE-2015-8381,CVE-2015-8382,CVE-2015-8383,CVE-2015-8384,CVE-2015-8385,CVE-2015-8386,CVE-2015-8387,CVE-2015-8388,CVE-2015-8389,CVE-2015-8390,CVE-2015-8391,CVE-2015-8392,CVE-2015-8393,CVE-2015-8394,CVE-2015-8395,CVE-2016-1283,CVE-2016-3191
Description:


This update for pcre to version 8.39 (bsc#972127) fixes several issues.

If you use pcre extensively please be aware that this is an update to a new version. Please
make sure that your software works with the updated version.

This version fixes a number of vulnerabilities that affect pcre
and applications using the libary when accepting untrusted input
as regular expressions or as part thereof. Remote attackers could
have caused the application to crash, disclose information or
potentially execute arbitrary code. These security issues were fixed:

- CVE-2014-8964: Heap-based buffer overflow in PCRE allowed remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats (bsc#906574).
- CVE-2015-2325: Heap buffer overflow in compile_branch() (bsc#924960).
- CVE-2015-3210: Heap buffer overflow in pcre_compile2() / compile_regex() (bsc#933288)
- CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match() (bsc#933878).
- CVE-2015-5073: Library Heap Overflow Vulnerability in find_fixedlength() (bsc#936227).
- bsc#942865: heap overflow in compile_regex()
- CVE-2015-8380: The pcre_exec function in pcre_exec.c mishandled a // pattern with a \01 string, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror (bsc#957566).
- CVE-2015-2327: PCRE mishandled certain patterns with internal recursive back references, which allowed remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror (bsc#957567).
- bsc#957598: Various security issues 
- CVE-2015-8381: Heap Overflow in compile_regex() (bsc#957598).
- CVE-2015-8382: Regular Expression Uninitialized Pointer Information Disclosure Vulnerability (ZDI-CAN-2547)(bsc#957598).
- CVE-2015-8383: Buffer overflow caused by repeated conditional group(bsc#957598).
- CVE-2015-8384: Buffer overflow caused by recursive back reference by name within certain group(bsc#957598).
- CVE-2015-8385: Buffer overflow caused by forward reference by name to certain group(bsc#957598).
- CVE-2015-8386: Buffer overflow caused by lookbehind assertion(bsc#957598).
- CVE-2015-8387: Integer overflow in subroutine calls(bsc#957598).
- CVE-2015-8388: Buffer overflow caused by certain patterns with an unmatched closing parenthesis(bsc#957598).
- CVE-2015-8389: Infinite recursion in JIT compiler when processing certain patterns(bsc#957598).
- CVE-2015-8390: Reading from uninitialized memory when processing certain patterns(bsc#957598).
- CVE-2015-8391: Some pathological patterns causes pcre_compile() to run for a very long time(bsc#957598).
- CVE-2015-8392: Buffer overflow caused by certain patterns with duplicated named groups(bsc#957598).
- CVE-2015-8393: Information leak when running pcgrep -q on crafted binary(bsc#957598).
- CVE-2015-8394: Integer overflow caused by missing check for certain conditions(bsc#957598).
- CVE-2015-8395: Buffer overflow caused by certain references(bsc#957598).
- CVE-2015-2328: PCRE mishandled the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allowed remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression (bsc#957600).
- CVE-2016-1283: The pcre_compile2 function in pcre_compile.c in PCRE mishandled certain patterns with named subgroups, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression (bsc#960837).
- CVE-2016-3191: The compile_branch function in pcre_compile.c in pcre2_compile.c mishandled patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allowed remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression (bsc#971741).

These non-security issues were fixed:
- JIT compiler improvements
- performance improvements
- The Unicode data tables have been updated to Unicode 7.0.0.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2016:1863-1
Released:    Wed Dec 21 10:41:35 2016
Summary:     Recommended updated for pth
Type:        recommended
Severity:    low
References:  1013286
Description:


This update adds the 32bit version of libpth20 to SUSE Linux Enterprise 12 SP1 and 12 SP2.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1868-1
Released:    Wed Dec 21 16:24:02 2016
Summary:     Security update for gd
Type:        security
Severity:    moderate
References:  1015187,CVE-2016-9933
Description:


This update for gd fixes the following issues:

* CVE-2016-9933 possible stackoverflow on malicious truecolor images [bsc#1015187]


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2016:1937-1
Released:    Thu Dec 29 20:47:49 2016
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1007280,1010161,1010163,1011103,1011107,914890,974449,974840,984813,984815,987351,CVE-2014-8127,CVE-2016-3622,CVE-2016-3658,CVE-2016-5321,CVE-2016-5323,CVE-2016-5652,CVE-2016-5875,CVE-2016-9273,CVE-2016-9297,CVE-2016-9448,CVE-2016-9453
Description:


The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues.

- CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools [bnc#914890]
- CVE-2016-9297: tif_dirread.c read outside buffer in _TIFFPrintField() [bnc#1010161]
- CVE-2016-3658: Illegal read in TIFFWriteDirectoryTagLongLong8Array function in tiffset / tif_dirwrite.c [bnc#974840]
- CVE-2016-9273: heap overflow [bnc#1010163]
- CVE-2016-3622: divide By Zero in the tiff2rgba tool [bnc#974449]
- CVE-2016-5652: tiff2pdf JPEG Compression Tables Heap Buffer Overflow [bnc#1007280]
- CVE-2016-9453: out-of-bounds Write memcpy and less bound check in tiff2pdf [bnc#1011107]
- CVE-2016-5875: heap-based buffer overflow when using the PixarLog compressionformat [bnc#987351]
- CVE-2016-9448: regression introduced by fixing CVE-2016-9297 [bnc#1011103]
- CVE-2016-5321: out-of-bounds read in tiffcrop /  DumpModeDecode() function [bnc#984813]
- CVE-2016-5323: Divide-by-zero in _TIFFFax3fillruns() function (null ptr dereference?) [bnc#984815]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:2-1
Released:    Mon Jan  2 08:35:08 2017
Summary:     Security update for zlib
Type:        security
Severity:    moderate
References:  1003577,1003579,1003580,1013882,CVE-2016-9840,CVE-2016-9841,CVE-2016-9842,CVE-2016-9843
Description:


This update for zlib fixes the following issues:

CVE-2016-9843: Big-endian out-of-bounds pointer

CVE-2016-9842: Undefined Left Shift of Negative Number (bsc#1003580) 

CVE-2016-9840 CVE-2016-9841: Out-of-bounds pointer arithmetic in inftrees.c (bsc#1003579)

Incompatible declarations for external linkage function deflate (bsc#1003577)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:6-1
Released:    Tue Jan  3 15:01:58 2017
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1012390,1012591,1012818,1013989,1015515,909418,912715,945340,953807,963290,990538
Description:


This update for systemd fixes the following issues:

- core: Make mount units from /proc/self/mountinfo possibly bind to a device. Fixes
  unmounting issues when ejecting CDs or DVDs. (bsc#909418, bsc#912715, bsc#945340)
- fstab-generator: Remove bogus condition that leads to warnings on boot. (bsc#1013989)
- coredumpctl: Let gdb handle the SIGINT signal. (bsc#1012591)
- Ship kbd-model-map with the correct contents. (bsc#1015515)
- rules: Set SYSTEMD_READY=0 on DM_UDEV_DISABLE_OTHER_RULES_FLAG=1 only with ADD event.
  (bsc#963290, bsc#990538)
- tmpfiles: Don't skip path_set_perms on error. (bsc#953807)
- nspawn: Properly handle image/directory paths that are symbolic links. (bsc#1012390)
- systemctl: Fix 'is-enabled' exit status on failure when executed in chroot. (bsc#1012818)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:32-1
Released:    Mon Jan  9 11:50:42 2017
Summary:     Recommended update for dirmngr
Type:        recommended
Severity:    low
References:  994794
Description:


This update for dirmngr enables support for daemon mode.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:47-1
Released:    Wed Jan 11 11:42:43 2017
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1018214,1018399
Description:


This update for systemd fixes the following two issues:
- A regression in the previous update (SUSE-RU-2017:0013-1, bsc#909418) could have caused systemd to freeze.
  (bsc#1018399)
- Warnings emitted when udev socket units are restarted during package upgrade were silenced. (bsc#1018214)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:98-1
Released:    Thu Jan 19 10:17:55 2017
Summary:     Recommended update for kmod
Type:        recommended
Severity:    low
References:  998906
Description:


This update for kmod fixes a rare race condition while loading modules.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:149-1
Released:    Wed Jan 25 09:17:08 2017
Summary:     Security update for systemd
Type:        security
Severity:    important
References:  1012266,1014560,1014566,1020601,997682,CVE-2016-10156
Description:


This update for systemd fixes the following issues:

This security issue was fixed:

- CVE-2016-10156: Fix permissions set on permanent timer timestamp files, preventing local unprivileged users from escalating privileges (bsc#1020601).

These non-security issues were fixed:

- Fix permission set on /var/lib/systemd/linger/*
- install: follow config_path symlink (#3362)
- install: fix disable when /etc/systemd/system is a symlink (bsc#1014560)
- run: make --slice= work in conjunction with --scope (bsc#1014566)
- core: don't dispatch load queue when setting Slice= for transient units
- systemctl: remove duplicate entries showed by list-dependencies (#5049) (bsc#1012266)
- rule: don't automatically online standby memory on s390x (bsc#997682)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:185-1
Released:    Thu Feb  2 18:22:37 2017
Summary:     Security update for cpio
Type:        security
Severity:    moderate
References:  1020108,963448,CVE-2016-2037
Description:


This update for cpio fixes two issues.

This security issue was fixed:

- CVE-2016-2037: The cpio_safer_name_suffix function in util.c in cpio allowed remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file (bsc#963448).

This non-security issue was fixed:

- bsc#1020108: Always use 32 bit CRC to prevent checksum errors for files greater than 32MB

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:192-1
Released:    Fri Feb  3 18:46:05 2017
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1005544,1010675,1013930,1014873,1017497,CVE-2016-4658,CVE-2016-9318,CVE-2016-9597
Description:


This update for libxml2 fixes the following issues:

* CVE-2016-4658: use-after-free error could lead to crash [bsc#1005544]
* Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873]
* CVE-2016-9597: An XML document with many opening tags could have caused a overflow of the stack not detected by the recursion limits, allowing for DoS (bsc#1017497).

For CVE-2016-9318 we decided not to ship a fix since it can break existing setups. Please take appropriate actions if you parse untrusted XML files
and use the new -noxxe flag if possible (bnc#1010675, bnc#1013930).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:209-1
Released:    Tue Feb  7 17:00:47 2017
Summary:     Recommended update for libseccomp
Type:        recommended
Severity:    low
References:  1019900
Description:


This update provides libseccomp version 2.3.1 which fixes the following issues:

- Fixed a problem with 32-bit x86 socket syscalls on some systems (fate#321647, bsc#1019900)
- Fixed problems with ipc syscalls on 32-bit x86
- Fixed problems with socket and ipc syscalls on s390 and s390x

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:212-1
Released:    Wed Feb  8 13:07:24 2017
Summary:     Security update for expat
Type:        security
Severity:    moderate
References:  983215,983216,CVE-2012-6702,CVE-2016-5300
Description:


This update for expat fixes the following security issues:

- CVE-2012-6702: Expat, when used in a parser that has not
  called XML_SetHashSalt or passed it a seed of 0, made it easier for
  context-dependent attackers to defeat cryptographic protection mechanisms
  via vectors involving use of the srand function.  (bsc#983215)
- CVE-2016-5300: The XML parser in Expat did not use sufficient entropy
  for hash initialization, which allowed context-dependent attackers to
  cause a denial of service (CPU consumption) via crafted identifiers in
  an XML document. NOTE: this vulnerability exists because of an incomplete
  fix for CVE-2012-0876.  (bsc#983216)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:228-1
Released:    Fri Feb 10 15:39:32 2017
Summary:     Security update for openssl
Type:        security
Severity:    moderate
References:  1000677,1001912,1009528,1019637,1021641,1022085,1022086,1022271,CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Description:


This update for openssl fixes the following issues contained in the
OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)

Security issues fixed:
- CVE-2016-7055: The x86_64 optimized montgomery multiplication may produce incorrect results (bsc#1009528)
- CVE-2017-3731: Truncated packet could crash via OOB read (bsc#1022085)
- CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64 (bsc#1022086)
- Degrade the 3DES cipher to MEDIUM in SSLv2 (bsc#1001912)

Non-security issues fixed:
- fix crash in openssl speed (bsc#1000677)
- fix X509_CERT_FILE path (bsc#1022271)
- AES XTS key parts must not be identical in FIPS mode (bsc#1019637)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:231-1
Released:    Mon Feb 13 11:40:25 2017
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1019611,1022103,CVE-2017-5225
Description:


This update for tiff fixes the following issues:

- A crafted TIFF image could cause a crash and potential code execution when
processed by the 'tiffcp' utility (CVE-2017-5225, bsc#1019611).

Also a regression from the version update to 4.0.7 was fixed in
handling TIFFTAG_FAXRECVPARAMS. (bsc#1022103)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:240-1
Released:    Wed Feb 15 07:29:29 2017
Summary:     Security update for libXpm
Type:        security
Severity:    moderate
References:  1021315,CVE-2016-10164
Description:


This update for libXpm fixes the following issues:

- A heap overflow in XPM handling could be used by attackers supplying XPM files to 
  crash or potentially execute code. (bsc#1021315)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:241-1
Released:    Wed Feb 15 07:30:57 2017
Summary:     Security update for gd
Type:        security
Severity:    moderate
References:  1022263,1022264,1022265,1022283,1022284,1022553,CVE-2016-10166,CVE-2016-10167,CVE-2016-10168,CVE-2016-6906,CVE-2016-6912,CVE-2016-9317
Description:


This update for gd fixes the following security issues:

- CVE-2016-6906: An out-of-bounds read in TGA decompression was fixed which could have lead to crashes. (bsc#1022553)
- CVE-2016-6912: Double free vulnerability in the gdImageWebPtr function
  in the GD Graphics Library (aka libgd) allowed remote attackers to have
  unspecified impact via large width and height values. (bsc#1022284)
- CVE-2016-9317: The gdImageCreate function in the GD Graphics Library
  (aka libgd) allowed remote attackers to cause a denial of service
  (system hang) via an oversized image.  (bsc#1022283)
- CVE-2016-10166: A potential unsigned underflow in gd interpolation
  functions could lead to memory corruption in the GD Graphics Library (aka libgd) (bsc#1022263)
- CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx()
  could lead to libgd running out of memory even on small files. (bsc#1022264)
- CVE-2016-10168: A signed integer overflow in the GD Graphics Library (aka libgd) could lead
  to memory corruption (bsc#1022265)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:261-1
Released:    Mon Feb 20 11:00:28 2017
Summary:     Recommended update for dirmngr
Type:        recommended
Severity:    low
References:  1019276
Description:


This update for dirmngr fixes the following issues:

- Properly initialize the dirmngr tmpfilesd files right away and not
  just during reboot
- Own the /usr/lib/tmpfiles.d/ folder as it is needed in older systemds
  wrt (bsc#1019276)
- Proprely require logrotate as we need it for the dirmngr configs

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:365-1
Released:    Fri Mar 10 15:16:59 2017
Summary:     Recommended update for sg3_utils
Type:        recommended
Severity:    low
References:  1006175
Description:


This update for sg3_utils fixes the following issue:

- Add udev rules to handle legacy CCISS devices (bsc#1006175)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:389-1
Released:    Thu Mar 16 14:16:43 2017
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1004094,1006687,1019470,1022014,1022047,1025598,995936
Description:


This update for systemd provides the following fixes:

- core: Fix memory leak in transient units. (bsc#1025598)
- core: Destroy all name watching bus slots when we are kicked off the bus. (bsc#1006687)
- sd-event: Fix incorrect assertion. (bsc#995936, bsc#1022014)
- journald: Don't flush to /var/log/journal before we get asked to. (bsc#1004094)
- core: Downgrade warning about duplicate device names. (bsc#1022047)
- units: Remove no longer needed ldconfig service. (bsc#1019470)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:439-1
Released:    Tue Mar 21 10:48:47 2017
Summary:     Recommended update for netcfg
Type:        recommended
Severity:    low
References:  1028305,959693
Description:


This update for netcfg provides the following fixes:

- Update script to generate services to use UTF8 by default. (bsc#1028305)
- Repack services.bz2 with latest from upstream and adjust the script to not
  add all the names and emails at the bottom of the file. (bsc#959693)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:462-1
Released:    Fri Mar 24 21:58:07 2017
Summary:     Recommended update for lvm2
Type:        recommended
Severity:    moderate
References:  1012973,1015943,1017034,1023283,1025560,1025630
Description:


This update for lvm2 fixes the following issues:

- Fix clvmd segmentation fault on ppc64le architecture. (bsc#1025630)
- Fix several trivial issues about clvmd/cmirrord resource agents. (bsc#1023283, bsc#1025560)
- Use {local,remote}-fs-pre.target instead of {local,remote}-fs.target. (bsc#1017034)
- Simplify special-case for md in 69-dm-lvm-metadata.rules. (bsc#1012973)
- Add systemd_requires to device-mapper package. (bsc#1015943)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:464-1
Released:    Mon Mar 27 15:50:51 2017
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1007851,1029725,1029900
Description:


This update for glibc fixes a potential segmentation fault in libpthread:

- Fork in libpthread cannot use IFUNC resolver. (bsc#1007851, bsc#1029725, bsc#1029900)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:478-1
Released:    Wed Mar 29 13:02:30 2017
Summary:     Security update for libpng16
Type:        security
Severity:    moderate
References:  1017646,CVE-2016-10087
Description:


This update for libpng16 fixes the following issues:

Security issues fixed:
- CVE-2016-10087: NULL pointer dereference in png_set_text_2() (bsc#1017646)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:580-1
Released:    Wed Apr 12 23:58:47 2017
Summary:     Recommended update for cpio
Type:        recommended
Severity:    important
References:  1028410
Description:


This update for cpio fixes the following issues:

- A regression caused cpio to crash for tar and ustar archive types
  [bsc#1028410]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:609-1
Released:    Tue Apr 18 11:28:14 2017
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1015332,1027712,1032309,CVE-2016-9586,CVE-2017-7407
Description:


This update for curl fixes the following issues:

Security issue fixed:

- CVE-2016-9586: libcurl printf floating point buffer overflow (bsc#1015332)
- CVE-2017-7407: The ourWriteOut function in tool_writeout.c in curl might have allowed physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which lead to a heap-based buffer over-read (bsc#1032309).

With this release new default ciphers are active (SUSE_DEFAULT, bsc#1027712).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:610-1
Released:    Tue Apr 18 11:29:22 2017
Summary:     Security update for tiff
Type:        security
Severity:    important
References:  1031247,1031249,1031250,1031254,1031255,1031262,1031263,CVE-2016-10266,CVE-2016-10267,CVE-2016-10268,CVE-2016-10269,CVE-2016-10270,CVE-2016-10271,CVE-2016-10272
Description:


This update for tiff fixes the following issues:

Security issues fixed:
- CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based
  buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to
  'WRITE of size 2048' and libtiff/tif_next.c:64:9 (bsc#1031247).
- CVE-2016-10271: tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of
  service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other
  impact via a crafted TIFF image, related to 'READ of size 1' and libtiff/tif_fax3.c:413:13
  (bsc#1031249).
- CVE-2016-10270: LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based
  buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to
  'READ of size 8' and libtiff/tif_read.c:523:22 (bsc#1031250).
- CVE-2016-10269: LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based
  buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to
  'READ of size 512' and libtiff/tif_unix.c:340:2 (bsc#1031254).
- CVE-2016-10268: tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of
  service (integer underflow and heap-based buffer under-read) or possibly have unspecified other
  impact via a crafted TIFF image, related to 'READ of size 78490' and libtiff/tif_unix.c:115:23
  (bsc#1031255).
- CVE-2016-10267: LibTIFF 4.0.7 allows remote attackers to cause a denial of service
  (divide-by-zero error and application crash) via a crafted TIFF image, related to
  libtiff/tif_ojpeg.c:816:8 (bsc#1031262).
- CVE-2016-10266: LibTIFF 4.0.7 allows remote attackers to cause a denial of service
  (divide-by-zero error and application crash) via a crafted TIFF image, related to
  libtiff/tif_read.c:351:22. (bsc#1031263).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:732-1
Released:    Wed May 10 14:03:43 2017
Summary:     Recommended update for procps
Type:        recommended
Severity:    low
References:  1030621
Description:


This update for procps fixes the following issues:

- Command w(1) with option -n doesn't work. (bsc#1030621)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:735-1
Released:    Wed May 10 15:43:46 2017
Summary:     Recommended update for gpg2
Type:        recommended
Severity:    low
References:  1036736,986783
Description:


This update for gpg2 provides the following fixes:

- Do not install CAcert and other root certificates which are not needed with
  Let's Encrypt. (bsc#1036736)
- Initialize the trustdb before import attempt. (bsc#986783)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:751-1
Released:    Thu May 11 17:14:30 2017
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1010220,1025398,1025886,1028263,1028610,1029183,1029691,1030290,1031355,1032538,1032660,1033855,1034565,955770
Description:


This update for systemd provides the following fixes:

- logind: Update empty and 'infinity' handling for [User]TasksMax. (bsc#1031355)
- importd: Support SUSE style checksums. (fate#322054)
- journal: Don't remove leading spaces. (bsc#1033855)
- Make sure all swap units are ordered before the swap target. (bsc#955770, bsc#1034565)
- hwdb: Fix warning 'atkbd serio0: Unknown key pressed'. (bsc#1010220)
- logind: Restart logind on package update only on SLE12 distros. (bsc#1032660)
- core: Treat masked files as 'unchanged'. (bsc#1032538)
- units: Move Before deps for quota services to remote-fs.target. (bsc#1028263)
- udev: Support predictable ifnames on vio buses. (bsc#1029183)
- udev: Add a persistent rule for ibmvnic devices. (bsc#1029183)
- units: Do not throw a warning in emergency mode if plymouth is not installed. (bsc#1025398)
- core: Downgrade 'Time has been changed' message to debug level. (bsc#1028610)
- vconsole: Don't do GIO_SCRNMAP / GIO_UNISCRNMAP. (bsc#1029691)
- udev-rules: Perform whitespace replacement for symlink subst values. (bsc#1025886)
- Consider chroot updates in fix-machines-subvol-for-rollbacks.sh. (bsc#1030290)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:793-1
Released:    Tue May 16 15:40:43 2017
Summary:     Security update for libxslt
Type:        security
Severity:    moderate
References:  1005591,1035905,934119,952474,CVE-2015-7995,CVE-2015-9019,CVE-2016-4738,CVE-2017-5029
Description:


 This update for libxslt fixes the following issues:
 

- CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check 
for integer overflow during a size calculation, which allowed a remote attacker 
to perform an out of bounds memory write via a crafted HTML page (bsc#1035905).

- CVE-2016-4738: Fix heap overread in xsltFormatNumberConversion: An empty decimal-separator 
could cause a heap overread. This can be exploited to leak a couple of bytes after 
the buffer that holds the pattern string (bsc#1005591).

- CVE-2015-9019: Properly initialize random generator (bsc#934119).

- CVE-2015-7995: Vulnerability in function xsltStylePreCompute' in preproc.c could cause a 
type confusion leading to DoS. (bsc#952474)

 
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:794-1
Released:    Tue May 16 15:41:09 2017
Summary:     Security update for bash
Type:        security
Severity:    moderate
References:  1010845,1035371,CVE-2016-9401
Description:


This update for bash fixes an issue that could lead to syntax errors when parsing
scripts that use expr(1) inside loops.

Additionally, the popd build-in now ensures that the normalized stack offset is
within bounds before trying to free that stack entry. This fixes a segmentation
fault.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:799-1
Released:    Wed May 17 00:21:13 2017
Summary:     Recommended update for glibc
Type:        recommended
Severity:    low
References:  1026224,1035445
Description:


This update for glibc introduces basic support for IBM POWER9 systems. Additionally,
an improper assert in dlclose() has been removed.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:865-1
Released:    Wed May 24 16:23:20 2017
Summary:     Security update for pam
Type:        security
Severity:    moderate
References:  1015565,1037824,934920,CVE-2015-3238
Description:


This update for pam fixes the following issues:
 

- CVE-2015-3238: pam_unix in conjunction with SELinux allowed for DoS attacks (bsc#934920).
- log a hint to syslog if /etc/nologin is present, but empty (bsc#1015565).
- If /etc/nologin is present, but empty, log a hint to syslog. (bsc#1015565)
- Added support for libowcrypt.so, if present, to configure support for BLOWFISH (bsc#1037824)

 
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:873-1
Released:    Fri May 26 16:19:47 2017
Summary:     Recommended update for e2fsprogs
Type:        recommended
Severity:    low
References:  1009532,960273
Description:


This update for e2fsprogs provides the following fixes:

- Fix 32/64-bit overflow when multiplying by blocks/clusters per group. This allows
  resize2fs(8) to resize file systems larger than 20 TB. (bsc#1009532)
- Update spec file to regenerate initrd when e2fsprogs is updated or uninstalled.
  (bsc#960273)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:877-1
Released:    Mon May 29 15:11:48 2017
Summary:     Recommended update for cryptsetup
Type:        recommended
Severity:    low
References:  1031998
Description:


This update for cryptsetup provides the following fix:

- Don't use a zero-filled empty key, because in FIPS, XTS mode key parts mustn't be equivalent (bsc#1031998)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:891-1
Released:    Tue May 30 22:28:21 2017
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1039063,1039064,1039066,1039069,1039661,981114,CVE-2016-1839,CVE-2017-9047,CVE-2017-9048,CVE-2017-9049,CVE-2017-9050
Description:


This update for libxml2 fixes the following issues:

- CVE-2017-9047, CVE-2017-9048: The function xmlSnprintfElementContent in valid.c was vulnerable to a stack buffer overflow (bsc#1039063, bsc#1039064)
- CVE-2017-9049: The function xmlDictComputeFastKey in dict.c was vulnerable to a heap-based buffer over-read. (bsc#1039066)
- CVE-2017-9050: The function xmlDictAddString was vulnerable to a heap-based buffer over-read (bsc#1039661)
- CVE-2016-1839: heap-based buffer overflow (xmlDictAddString func) (bnc#1039069)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:907-1
Released:    Thu Jun  1 14:23:36 2017
Summary:     Recommended update for shadow
Type:        recommended
Severity:    low
References:  1003978,1031643
Description:


This update for shadow fixes the following issues:

- Dynamically added users via pam_group are not listed in groups databases but are
  still valid. (bsc#1031643)
- useradd(8) and groupadd(8) performance issue when using SSSD. Previously the entire
  possible UID/GID was iterated to find an available UID/GID. This could take long time
  over a network device. Instead, find available UID/GID locally, and then check only
  those values over network. (bsc#1003978)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:918-1
Released:    Tue Jun  6 12:35:44 2017
Summary:     Recommended update for libsemanage, selinux-policy
Type:        recommended
Severity:    moderate
References:  1020143,1032445,1035818,1038189
Description:


This update for libsemanage, selinux-policy fixes the following issues:

- Limit to policy version 29 by default.
- Fix policy module build failures and wrong policy path on SLE 12 SP2 (bsc#1038189, bsc#1035818, bsc#1020143, bsc#1032445)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:925-1
Released:    Thu Jun  8 12:58:42 2017
Summary:     Recommended update for freetype2
Type:        recommended
Severity:    low
References:  1038506
Description:


This update for freetype2 fixes an issue within handling of very large fonts which
could lead to corrupted characters in the boot splash screen of systems configured
to use the Korean language.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:939-1
Released:    Mon Jun 12 10:56:22 2017
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1039063,1039064,1039066,1039069,1039661,CVE-2017-9047,CVE-2017-9048,CVE-2017-9049,CVE-2017-9050
Description:

This update for libxml2 fixes the following security issues:

* CVE-2017-9050: A heap-based buffer over-read in xmlDictAddString (bsc#1039069, bsc#1039661)
* CVE-2017-9049: A heap-based buffer overflow in xmlDictComputeFastKey (bsc#1039066)
* CVE-2017-9048: A stack overflow vulnerability in xmlSnprintfElementContent (bsc#1039063)
* CVE-2017-9047: A stack overflow vulnerability in xmlSnprintfElementContent (bsc#1039064)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:959-1
Released:    Wed Jun 14 14:38:11 2017
Summary:     Recommended update for gcc5
Type:        recommended
Severity:    low
References:  1043580
Description:


This update for gcc5 fixes the version of libffi in its pkg-config configuration file.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:962-1
Released:    Wed Jun 14 16:33:07 2017
Summary:     Security update for openldap2
Type:        security
Severity:    moderate
References:  1009470,1037396,1041764,972331,CVE-2017-9287
Description:


This update for openldap2 fixes the following issues:

Security issues fixed:

- CVE-2017-9287: A double free vulnerability in the mdb backend during search with page size 0 was fixed (bsc#1041764)

Non security bugs fixed:

- Let OpenLDAP read system-wide certificates by default and don't hide the error if
  the user-specified CA location cannot be read. (bsc#1009470)
- Fix an uninitialised variable that causes startup failure (bsc#1037396)
- Fix an issue with transaction management that can cause server crash (bsc#972331)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:985-1
Released:    Mon Jun 19 14:57:41 2017
Summary:     Security update for libgcrypt
Type:        security
Severity:    moderate
References:  1042326,931932,CVE-2017-9526
Description:

This update for libgcrypt fixes the following issues:

- CVE-2017-9526: Store the session key in secure memory to ensure that constant
  time point operations are used in the MPI library.  (bsc#1042326)

- Don't require secure memory for the fips selftests, this prevents the
  'Oops, secure memory pool already initialized' warning. (bsc#931932)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:990-1
Released:    Mon Jun 19 17:19:44 2017
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1039357,1040043,CVE-2017-1000366
Description:

This update for glibc fixes the following issues:

- CVE-2017-1000366: Fix a potential privilege escalation vulnerability that
  allowed unprivileged system users to manipulate the stack of setuid binaries
  to gain special privileges. [bsc#1039357]

- A bug in glibc that could result in deadlocks between malloc() and fork() has
  been fixed. [bsc#1040043]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1033-1
Released:    Fri Jun 23 16:38:55 2017
Summary:     Recommended update for e2fsprogs
Type:        recommended
Severity:    low
References:  1038194
Description:


This update for e2fsprogs provides the following fixes:

- Don't ignore fsync errors in libext2fs. (bsc#1038194)
- Fix fsync(2) detection in libext2fs. (bsc#1038194)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1036-1
Released:    Mon Jun 26 08:12:24 2017
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1024989,1044337,CVE-2017-0663,CVE-2017-5969
Description:

This update for libxml2 fixes the following issues:

Security issues fixed:

* CVE-2017-0663: Fixed a heap buffer overflow in xmlAddID (bsc#1044337)
* CVE-2017-5969: Fixed a NULL pointer deref in xmlDumpElementContent (bsc#1024989)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1040-1
Released:    Mon Jun 26 13:22:26 2017
Summary:     Recommended update for libsemanage, policycoreutils
Type:        recommended
Severity:    low
References:  1043237
Description:

This update for libsemanage, policycoreutils fixes the following issue:

- Show version numbers of modules where they are available (bsc#1043237) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1082-1
Released:    Fri Jun 30 10:54:06 2017
Summary:     Recommended update for dirmngr
Type:        recommended
Severity:    low
References:  1045943
Description:

This update for dirmngr provides the following fix:

- Change logrotate from Requires to Recommends (bsc#1045943)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1086-1
Released:    Fri Jun 30 15:36:17 2017
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1044887,1044894,CVE-2017-7375,CVE-2017-7376
Description:

This update for libxml2 fixes the following issues:

Security issues fixed:

* CVE-2017-7376: Increase buffer space for port in HTTP redirect support (bsc#1044887)
* CVE-2017-7375: Prevent unwanted external entity reference [bsc#1044894, ]


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1104-1
Released:    Tue Jul  4 16:13:55 2017
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1004995,1029102,1029516,1036873,1038865,1040258,1040614,1040942,1043758,982303,CVE-2017-9217
Description:

This update for systemd fixes the following issues:

Security issue fixed:

- CVE-2017-9217: resolved: Fix null pointer p->question dereferencing that could lead to resolved aborting (bsc#1040614)

The update also fixed several non-security bugs:

- core/mount: Use the '-c' flag to not canonicalize paths when calling /bin/umount
- automount: Handle expire_tokens when the mount unit changes its state (bsc#1040942)
- automount: Rework propagation between automount and mount units
- build: Make sure tmpfiles.d/systemd-remote.conf get installed when necessary
- build: Fix systemd-journal-upload installation
- basic: Detect XEN Dom0 as no virtualization (bsc#1036873)
- virt: Make sure some errors are not ignored
- fstab-generator: Do not skip Before= ordering for noauto mountpoints
- fstab-gen: Do not convert device timeout into seconds when initializing JobTimeoutSec
- core/device: Use JobRunningTimeoutSec= for device units (bsc#1004995)
- fstab-generator: Apply the _netdev option also to device units (bsc#1004995)
- job: Add JobRunningTimeoutSec for JOB_RUNNING state (bsc#1004995)
- job: Ensure JobRunningTimeoutSec= survives serialization (bsc#1004995)
- rules: Export NVMe WWID udev attribute (bsc#1038865)
- rules: Introduce disk/by-id (model_serial) symbolic links for NVMe drives
- rules: Add rules for NVMe devices
- sysusers: Make group shadow support configurable (bsc#1029516)
- core: When deserializing a unit, fully restore its cgroup state (bsc#1029102)
- core: Introduce cg_mask_from_string()/cg_mask_to_string()
- core:execute: Fix handling failures of calling fork() in exec_spawn() (bsc#1040258)
- Fix systemd-sysv-convert when a package starts shipping service units (bsc#982303)
  The database might be missing when upgrading a package which was
  shipping no sysv init scripts nor unit files (at the time --save was
  called) but the new version start shipping unit files.
- Disable group shadow support (bsc#1029516)
- Only check signature job error if signature job exists (bsc#1043758)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1116-1
Released:    Thu Jul  6 11:37:18 2017
Summary:     Security update for libgcrypt
Type:        security
Severity:    moderate
References:  1046607,CVE-2017-7526
Description:

This update for libgcrypt fixes the following issues:

- CVE-2017-7526: Hardening against a local side-channel attack in RSA key handling has been added (bsc#1046607)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1119-1
Released:    Fri Jul  7 11:23:20 2017
Summary:     Recommended update for ncurses
Type:        security
Severity:    important
References:  1000662,1046853,1046858,CVE-2017-10684,CVE-2017-10685
Description:

This update for ncurses fixes the following issues:

Security issues fixed:
- CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. (bsc#1046858)
- CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. (bsc#1046853)

Bugfixes:
- Drop patch ncurses-5.9-environment.dif as YaST2 ncurses GUI does
  not need it anymore and as well as it causes bug bsc#1000662 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1160-1
Released:    Fri Jul 14 17:20:26 2017
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    low
References:  1031702
Description:

This update for openldap2 provides the following fix:
- Fix a regression in handling of non-blocking connection (bsc#1031702)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1174-1
Released:    Wed Jul 19 11:12:51 2017
Summary:     Security update for systemd, dracut
Type:        security
Severity:    important
References:  1032029,1033238,1037120,1040153,1040968,1043900,1045290,1046750,986216,CVE-2017-9445
Description:

This update for systemd and dracut fixes the following issues:

Security issues fixed:

- CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload
  from a DNS server. (bsc#1045290)

Non-security issues fixed in systemd:

- Automounter issue in combination with NFS volumes (bsc#1040968)
- Missing symbolic link for SAS device in /dev/disk/by-path (bsc#1040153)
- Add minimal support for boot.d/* scripts in systemd-sysv-convert (bsc#1046750)

Non-security issues fixed in dracut:

- Bail out if module directory does not exist. (bsc#1043900)
- Suppress bogus error message. (bsc#1032029)
- Fix module force loading with systemd. (bsc#986216)
- Ship udev files required by systemd. (bsc#1040153)
- Ignore module resolution errors (e.g. with kgraft). (bsc#1037120)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1222-1
Released:    Wed Jul 26 17:15:18 2017
Summary:     Recommended update for procps
Type:        recommended
Severity:    low
References:  1034563,1039941
Description:


This update for procps provides the following fixes:

- Make pmap handle LazyFree in /proc/smaps (bsc#1034563)
- Allow reading and writing content lines longer than 1024 characters under /proc/sys (bsc#1039941)
- Avoid printing messages when /proc/sys/net/ipv6/conf/*/stable_secret is not set

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1245-1
Released:    Thu Aug  3 10:43:15 2017
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1004995,1029102,1029516,1032029,1033238,1036873,1037120,1038865,1040153,1040258,1040614,1040942,1040968,1043758,1043900,1045290,1046750,982303,986216,CVE-2017-9217,CVE-2017-9445
Description:

This update for systemd provides several fixes and enhancements.

Security issues fixed:

- CVE-2017-9217: Null pointer dereferencing that could lead to resolved aborting. (bsc#1040614)
- CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload
  from a DNS server. (bsc#1045290)

The update also fixed several non-security bugs:

- core/mount: Use the '-c' flag to not canonicalize paths when calling /bin/umount
- automount: Handle expire_tokens when the mount unit changes its state (bsc#1040942)
- automount: Rework propagation between automount and mount units
- build: Make sure tmpfiles.d/systemd-remote.conf get installed when necessary
- build: Fix systemd-journal-upload installation
- basic: Detect XEN Dom0 as no virtualization (bsc#1036873)
- virt: Make sure some errors are not ignored
- fstab-generator: Do not skip Before= ordering for noauto mountpoints
- fstab-gen: Do not convert device timeout into seconds when initializing JobTimeoutSec
- core/device: Use JobRunningTimeoutSec= for device units (bsc#1004995)
- fstab-generator: Apply the _netdev option also to device units (bsc#1004995)
- job: Add JobRunningTimeoutSec for JOB_RUNNING state (bsc#1004995)
- job: Ensure JobRunningTimeoutSec= survives serialization (bsc#1004995)
- rules: Export NVMe WWID udev attribute (bsc#1038865)
- rules: Introduce disk/by-id (model_serial) symbolic links for NVMe drives
- rules: Add rules for NVMe devices
- sysusers: Make group shadow support configurable (bsc#1029516)
- core: When deserializing a unit, fully restore its cgroup state (bsc#1029102)
- core: Introduce cg_mask_from_string()/cg_mask_to_string()
- core:execute: Fix handling failures of calling fork() in exec_spawn() (bsc#1040258)
- Fix systemd-sysv-convert when a package starts shipping service units (bsc#982303)
  The database might be missing when upgrading a package which was
  shipping no sysv init scripts nor unit files (at the time --save was
  called) but the new version start shipping unit files.
- Disable group shadow support (bsc#1029516)
- Only check signature job error if signature job exists (bsc#1043758)
- Automounter issue in combination with NFS volumes (bsc#1040968)
- Missing symbolic link for SAS device in /dev/disk/by-path (bsc#1040153)
- Add minimal support for boot.d/* scripts in systemd-sysv-convert (bsc#1046750)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1268-1
Released:    Mon Aug  7 10:09:19 2017
Summary:     Recommended update for openssl
Type:        recommended
Severity:    moderate
References:  1019637,1027079,1027688,1027908,1028281,1028723,1029523,1042392,1044095,1044107,1044175,902364
Description:

This update for openssl fixes the following issues including fixes for our ongoing FIPS 140-2 evaluation:

- Remove DES-CBC3-SHA based ciphers from DEFAULT_SUSE to address SWEET32
  problem (bsc#1027908)
- Use getrandom syscall instead of reading from /dev/urandom to get
  at least 128 bits of entropy to comply with FIPS 140.2 IG 7.14 (bsc#1027079 bsc#1044175)
- Fix x86 extended feature detection (bsc#1029523)
- Allow runtime switching of s390x capabilities via the 'OPENSSL_s390xcap'
  environmental variable (bsc#1028723)
- s_client sent empty client certificate (bsc#1028281)
  Add back certificate initialization set_cert_key_stuff()
  which was removed in a previous update.
- Fix a bug in XTS key handling (bsc#1019637)
- Don't run FIPS power-up self-tests when the checksum files aren't
  installed (bsc#1042392)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1279-1
Released:    Mon Aug  7 14:46:40 2017
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1046853,1046858,1047964,1047965,1049344,CVE-2017-10684,CVE-2017-10685,CVE-2017-11112,CVE-2017-11113
Description:

This update for ncurses fixes the following issues:

Security issues fixed:
- CVE-2017-11112: Illegal address access in append_acs. (bsc#1047964)
- CVE-2017-11113: Dereferencing NULL pointer in _nc_parse_entry. (bsc#1047965)
- CVE-2017-10684, CVE-2017-10685: Add modified upstream fix from ncurses 6.0 to avoid broken
  termcap format (bsc#1046853, bsc#1046858, bsc#1049344)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1316-1
Released:    Thu Aug 10 13:54:27 2017
Summary:     Recommended update for cyrus-sasl
Type:        recommended
Severity:    moderate
References:  1014471,1026825,1044840,938657
Description:


This update for cyrus-sasl provides the following fixes:

- Fix SASL GSSAPI mechanism acceptor wrongly returns zero maxbufsize
- Fix unknown authentication mechanism: kerberos5 (bsc#1026825)
- Really use SASLAUTHD_PARAMS variable (bsc#938657)
- Make sure /usr/sbin/rcsaslauthd exists   
- Add /usr/sbin/rcsaslauthd symbolic link to /usr/sbin/service (bsc#1014471)
- Silence 'GSSAPI client step 1' debug log message (bsc#1044840)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1326-1
Released:    Fri Aug 11 16:59:04 2017
Summary:     Security update for libxml2
Type:        security
Severity:    low
References:  1038444,CVE-2017-8872
Description:

This update for libxml2 fixes the following issues:

Security issues fixed:
- CVE-2017-8872: Out-of-bounds read in htmlParseTryOrFinish. (bsc#1038444)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1330-1
Released:    Mon Aug 14 18:41:29 2017
Summary:     Recommended update for sed
Type:        recommended
Severity:    low
References:  954661
Description:

This update for sed provides the following fixes:

- Don't terminate with a segmentation fault if close of last file descriptor fails. (bsc#954661)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2017:1333-1
Released:    Tue Aug 15 17:59:30 2017
Summary:     Optional update for libverto
Type:        optional
Severity:    low
References:  1029561
Description:

This update adds the libverto library to OpenStack Cloud Magnum Orchestration channels.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1334-1
Released:    Tue Aug 15 20:09:03 2017
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1048679,874665
Description:

This update for systemd fixes the following issues:

- compat-rules: Don't rely on ID_SERIAL when generating 'by-id' links for NVMe devices. (bsc#1048679)
- fstab-generator: Handle NFS 'bg' mounts correctly. (bsc#874665, fate#323464)
- timesyncd: Don't use compiled-in list if FallbackNTP has been configured explicitly.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1335-1
Released:    Wed Aug 16 11:24:21 2017
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1051643,1051644,CVE-2017-1000100,CVE-2017-1000101
Description:

This update for curl fixes the following issues:

- CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service (bsc#1051644)
- CVE-2017-1000101: URL globbing out of bounds read could lead to a denial of service (bsc#1051643)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1347-1
Released:    Fri Aug 18 11:03:57 2017
Summary:     Recommended update for procps
Type:        recommended
Severity:    important
References:  1053409
Description:

This update for procps fixes the following issues:

- Fix a regression introduced in a previous update that would result in sysctl
  dying with a SIGSEGV error (bsc#1053409).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1349-1
Released:    Fri Aug 18 12:31:07 2017
Summary:     Recommended update for lua51
Type:        recommended
Severity:    low
References:  1051626
Description:

This update for lua51 provides the following fixes:

- Add Lua(API) and Lua(devel) symbols to fix building of lua51-luasocket. (bsc#1051626)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1390-1
Released:    Fri Aug 25 15:14:27 2017
Summary:     Security update for libzypp
Type:        security
Severity:    important
References:  1009745,1036659,1038984,1043218,1045735,1046417,1047785,1048315,CVE-2017-7435,CVE-2017-7436,CVE-2017-9269
Description:

The Software Update Stack was updated to receive fixes and enhancements.


libzypp:

- CVE-2017-7435, CVE-2017-7436, CVE-2017-9269: Fix GPG check workflows, mainly for unsigned
  repositories and packages. (bsc#1045735, bsc#1038984)
- Fix gpg-pubkey release (creation time) computation. (bsc#1036659)
- Update lsof blacklist. (bsc#1046417)
- Re-probe on refresh if the repository type changes. (bsc#1048315)
- Propagate proper error code to DownloadProgressReport. (bsc#1047785)
- Allow to trigger an appdata refresh unconditionally. (bsc#1009745)
- Support custom repo variables defined in /etc/zypp/vars.d.

yast2-pkg-bindings:

- Do not crash when the repository URL is not defined. (bsc#1043218)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1419-1
Released:    Wed Aug 30 15:38:22 2017
Summary:     Security update for expat
Type:        security
Severity:    moderate
References:  1047236,1047240,CVE-2016-9063,CVE-2017-9233
Description:

This update for expat fixes the following issues:

- CVE-2016-9063: Possible integer overflow to fix inside XML_Parse leading to unexpected behaviour (bsc#1047240)
- CVE-2017-9233: External Entity Vulnerability could lead to denial of service (bsc#1047236)



-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1439-1
Released:    Fri Sep  1 15:31:05 2017
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1045384,1045987,1046268,1047379,1048605
Description:

This update for systemd fixes the following issues:

- Revert fix for bsc#1004995 which could have caused boot failure on LVM (bsc#1048605)

- compat-rules: drop the bogus 'import everything' rule (bsc#1046268)
- core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notification (bsc#1045384 bsc#1047379)
- udev/path_id: introduce support for NVMe devices (bsc#1045987)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1447-1
Released:    Mon Sep  4 15:38:20 2017
Summary:     Security update for libzypp, zypper
Type:        security
Severity:    important
References:  1008325,1038984,1045735,1047785,1054088,1054671,1055920,CVE-2017-7436
Description:

The Software Update Stack was updated to receive fixes and enhancements.

libzypp:

- Adapt to work with GnuPG 2.1.23. (bsc#1054088)
- Support signing with subkeys. (bsc#1008325)
- Enhance sort order for media.1/products. (bsc#1054671)

zypper:

- Also show a gpg key's subkeys. (bsc#1008325)
- Improve signature check callback messages. (bsc#1045735)
- Add options to tune the GPG check settings. (bsc#1045735)
- Adapt download callback to report and handle unsigned packages. (bsc#1038984, CVE-2017-7436)
- Report missing/optional files as 'not found' rather than 'error'. (bsc#1047785)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1450-1
Released:    Mon Sep  4 16:36:07 2017
Summary:     Recommended update for insserv-compat
Type:        recommended
Severity:    low
References:  1035062,944903
Description:


This update for insserv-compat fixes the following issues:

- Add /etc/init.d hierarchy from former 'filesystem' package. (bsc#1035062)
- Fix directory argument parsing. (bsc#944903)
- Add perl(Getopt::Long) to list of requirements.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1453-1
Released:    Mon Sep  4 21:23:50 2017
Summary:     Recommended update for libgcrypt
Type:        recommended
Severity:    moderate
References:  1043333,1046659,1047008
Description:

This update for libgcrypt fixes the following issues:

- libgcrypt stored an open file descriptor to the random device in
  a static variable between invocations.
  gnome-keyring-daemon on initialization reopened descriptors 0-2
  with /dev/null which caused an infinite loop when libgcrypt
  attempted to read from the random device (bsc#1043333)
- Avoid seeding the DRBG during FIPS power-up selftests (bsc#1046659)
  * don't call gcry_drbg_instantiate() in healthcheck sanity test to
    save entropy
  * turn off blinding for RSA decryption in selftests_rsa to avoid
    allocation of a random integer
- fix a bug in gcry_drbg_healthcheck_sanity() which caused skipping
  some of the tests (bsc#1046659)
- dlsym returns PLT address on s390x, dlopen libgcrypt20.so before
  calling dlsym (bsc#1047008)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1548-1
Released:    Fri Sep 15 18:19:12 2017
Summary:     Recommended update for sg3_utils
Type:        recommended
Severity:    moderate
References:  1005063,1009269,1012523,1025176,1050767,1050943
Description:

This update for sg3_utils provides the following fixes:

- Add lunsearch filter to findresized() so that only LUNs specified using --luns are
  rescanned or resized. (bsc#1025176)
- In case the VPD sysfs attributes are missing or cannot be accessed, fallback to use
  sg_inq --page when using multipath devices in AutoYast2 installations. (bsc#1012523)
- Generate /dev/disk/by-path links based on WWPN for Fibre Channel NPIV setups. (bsc#1005063)
- Fix dumping data in hexadecimal format in sg_vpd when using the --hex option. (bsc#1050943)
- Fix ID_SERIAL values for KVM disks by exporting all NAA values and removing some validity
  checking. (bsc#1050767)
- Make sure initrd is rebuilt on sg3_utils updates. (bsc#1009269)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1589-1
Released:    Tue Sep 26 09:58:51 2017
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1033109,1033111,1033112,1033113,1033118,1033120,1033126,1033127,1033128,1033129,1033131,1038438,1042804,1042805,CVE-2016-10371,CVE-2017-7592,CVE-2017-7593,CVE-2017-7594,CVE-2017-7595,CVE-2017-7596,CVE-2017-7597,CVE-2017-7598,CVE-2017-7599,CVE-2017-7600,CVE-2017-7601,CVE-2017-7602,CVE-2017-9403,CVE-2017-9404
Description:

This update for tiff to version 4.0.8 fixes a several bugs and security issues:

These security issues were fixed:

- CVE-2017-7595: The JPEGSetupEncode function allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image (bsc#1033127).
- CVE-2016-10371: The TIFFWriteDirectoryTagCheckedRational function allowed remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file (bsc#1038438).
- CVE-2017-7598: Error in tif_dirread.c allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image (bsc#1033118).
- CVE-2017-7596: Undefined behavior because of floats outside their expected value range, which allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image (bsc#1033126).
- CVE-2017-7597: Undefined behavior because of floats outside their expected value range, which allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image (bsc#1033120).
- CVE-2017-7599: Undefined behavior because of shorts outside their expected value range, which allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image (bsc#1033113).
- CVE-2017-7600: Undefined behavior because of chars outside their expected value range, which allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image (bsc#1033112).
- CVE-2017-7601: Because of a shift exponent too large for 64-bit type long undefined behavior was caused, which allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image (bsc#1033111).
- CVE-2017-7602: Prevent signed integer overflow, which allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image (bsc#1033109).
- CVE-2017-7592: The putagreytile function had a left-shift undefined behavior issue, which might allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image (bsc#1033131).
- CVE-2017-7593: Ensure that tif_rawdata is properly initialized, to prevent remote attackers to obtain sensitive information from process memory via a crafted image (bsc#1033129).
- CVE-2017-7594: The OJPEGReadHeaderInfoSecTablesDcTable function allowed remote attackers to cause a denial of service (memory leak) via a crafted image (bsc#1033128).
- CVE-2017-9403: Prevent memory leak in function TIFFReadDirEntryLong8Array, which allowed attackers to cause a denial of service via a crafted file (bsc#1042805).
- CVE-2017-9404: Fixed memory leak vulnerability in function OJPEGReadHeaderInfoSecTablesQTable, which allowed attackers to cause a denial of service via a crafted file (bsc#1042804).

These various other issues were fixed:

- Fix uint32 overflow in TIFFReadEncodedStrip() that caused an
  integer division by zero. Reported by Agostino Sarubbo.
- fix heap-based buffer overflow on generation of PixarLog / LUV
  compressed files, with ColorMap, TransferFunction attached and
  nasty plays with bitspersample. The fix for LUV has not been
  tested, but suffers from the same kind of issue of PixarLog.
- modify ChopUpSingleUncompressedStrip() to instanciate compute
  ntrips as TIFFhowmany_32(td->td_imagelength, rowsperstrip),
  instead of a logic based on the total size of data. Which is
  faulty is the total size of data is not sufficient to fill the
  whole image, and thus results in reading outside of the
  StripByCounts/StripOffsets arrays when using
  TIFFReadScanline()
- make OJPEGDecode() early exit in case of failure in
  OJPEGPreDecode(). This will avoid a divide by zero, and
  potential other issues.
- fix misleading indentation as warned by GCC.
- revert change done on 2016-01-09 that made Param member of
  TIFFFaxTabEnt structure a uint16 to reduce size of the
  binary. It happens that the Hylafax software uses the tables
  that follow this typedef (TIFFFaxMainTable, TIFFFaxWhiteTable,
  TIFFFaxBlackTable), although they are not in a public libtiff
  header.
- add TIFFReadRGBAStripExt() and TIFFReadRGBATileExt() variants
  of the functions without ext, with an extra argument to control
  the stop_on_error behaviour.
- fix potential memory leaks in error code path of
  TIFFRGBAImageBegin().
- increase libjpeg max memory usable to 10 MB instead of libjpeg
  1MB default. This helps when creating files with 'big' tile,
  without using libjpeg temporary files.
- add _TIFFcalloc()
- return 0 in Encode functions instead of -1 when
  TIFFFlushData1() fails.
- only run JPEGFixupTagsSubsampling() if the YCbCrSubsampling
  tag is not explicitly present. This helps a bit to reduce the
  I/O amount when the tag is present (especially on cloud hosted
  files).
- in LZWPostEncode(), increase, if necessary, the code bit-width
  after flushing the remaining code and before emitting the EOI
  code.
- fix memory leak in error code path of PixarLogSetupDecode().
- fix potential memory leak in
  OJPEGReadHeaderInfoSecTablesQTable,
  OJPEGReadHeaderInfoSecTablesDcTable and
  OJPEGReadHeaderInfoSecTablesAcTable
- avoid crash in Fax3Close() on empty file.
- TIFFFillStrip(): add limitation to the number of bytes read
  in case td_stripbytecount[strip] is bigger than reasonable,
  so as to avoid excessive memory allocation.
- fix memory leak when the underlying codec (ZIP, PixarLog)
  succeeds its setupdecode() method, but PredictorSetup fails.
- TIFFFillStrip() and TIFFFillTile(): avoid excessive memory
  allocation in case of shorten files. Only effective on 64 bit
  builds and non-mapped cases.
- TIFFFillStripPartial() / TIFFSeek(), avoid potential integer
  overflows with read_ahead in CHUNKY_STRIP_READ_SUPPORT mode.
- avoid excessive memory allocation in case of shorten files.
  Only effective on 64 bit builds.
- update tif_rawcc in CHUNKY_STRIP_READ_SUPPORT mode with
  tif_rawdataloaded when calling TIFFStartStrip() or
  TIFFFillStripPartial(). 
- avoid potential int32 overflow in TIFFYCbCrToRGBInit() Fixes
- avoid potential int32 overflows in multiply_ms() and add_ms().
- fix out-of-buffer read in PackBitsDecode() Fixes
- LogL16InitState(): avoid excessive memory allocation when
  RowsPerStrip tag is missing.
- update dec_bitsleft at beginning of LZWDecode(), and update
  tif_rawcc at end of LZWDecode(). This is needed to properly
  work with the latest chnges in tif_read.c in
  CHUNKY_STRIP_READ_SUPPORT mode.
- PixarLogDecode(): resync tif_rawcp with next_in and tif_rawcc
  with avail_in at beginning and end of function, similarly to
  what is done in LZWDecode(). Likely needed so that it works
  properly with latest chnges in tif_read.c in
  CHUNKY_STRIP_READ_SUPPORT mode.
- initYCbCrConversion(): add basic validation of luma and
  refBlackWhite coefficients (just check they are not NaN for
  now), to avoid potential float to int overflows.
- _TIFFVSetField(): fix outside range cast of double to float.
- initYCbCrConversion(): check luma[1] is not zero to avoid division by zero
- _TIFFVSetField(): fix outside range cast of double to float.
- initYCbCrConversion(): check luma[1] is not zero to avoid
  division by zero.
- initYCbCrConversion(): stricter validation for refBlackWhite
  coefficients values.
- avoid uint32 underflow in cpDecodedStrips that can cause
  various issues, such as buffer overflows in the library.
- fix readContigStripsIntoBuffer() in -i (ignore) mode so that
  the output buffer is correctly incremented to avoid write
  outside bounds.
- add 3 extra bytes at end of strip buffer in
  readSeparateStripsIntoBuffer() to avoid read outside of heap
  allocated buffer.
- fix integer division by zero when BitsPerSample is missing.
- fix null pointer dereference in -r mode when the image has no
  StripByteCount tag.
- avoid potential division by zero is BitsPerSamples tag is
  missing.
- when TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) is called, limit
  the return number of inks to SamplesPerPixel, so that code
  that parses ink names doesn't go past the end of the buffer.
- avoid potential division by zero is BitsPerSamples tag is
  missing.
- fix uint32 underflow/overflow that can cause heap-based buffer
  overflow.
- replace assert( (bps % 8) == 0 ) by a non assert check.
- fix 2 heap-based buffer overflows (in PSDataBW and
  PSDataColorContig).
- prevent heap-based buffer overflow in -j mode on a paletted
  image.
- fix wrong usage of memcpy() that can trigger unspecified behaviour.
- avoid potential invalid memory read in t2p_writeproc.
- avoid potential heap-based overflow in t2p_readwrite_pdf_image_tile().
- remove extraneous TIFFClose() in error code path, that caused
  double free.
- error out cleanly in cpContig2SeparateByRow and
  cpSeparate2ContigByRow if BitsPerSample != 8 to avoid heap
  based overflow.
- avoid integer division by zero.
- call TIFFClose() in error code paths.
- emit appropriate message if the input file is empty.
- close TIFF handle in error code path.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1592-1
Released:    Tue Sep 26 17:38:03 2017
Summary:     Recommended update for lvm2
Type:        recommended
Severity:    moderate
References:  1028485,1045628,978055,998893,999878
Description:


This update for lvm2 provides the following fixes:

- Create /dev/disk/by-part{label,uuid} and gpt-auto-root links. (bsc#1028485)
- Try to refresh clvmd's device cache on the first failure. (bsc#978055)
- Fix stale device cache in clvmd. (bsc#978055)
- Warn if PV size in metadata is larger than disk device size. (bsc#999878)
- Fix lvm2 activation issue when used on top of multipath. (bsc#998893)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1644-1
Released:    Mon Oct  9 07:52:24 2017
Summary:     Security update for krb5
Type:        security
Severity:    moderate
References:  1032680,1054028,1056995,903543,CVE-2017-11462
Description:

This update for krb5 fixes several issues.

This security issue was fixed:

- CVE-2017-11462: Prevent automatic security context deletion to prevent
  double-free (bsc#1056995)

These non-security issues were fixed:

- Set 'rdns' and 'dns_canonicalize_hostname' to false in krb5.conf
  in order to improve client security in handling service principle
  names. (bsc#1054028)
- Prevent kadmind.service startup failure caused by absence of
  LDAP service. (bsc#903543)
- Remove main package's dependency on systemd (bsc#1032680)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1663-1
Released:    Tue Oct 10 12:05:09 2017
Summary:     Recommended update for dbus-1
Type:        recommended
Severity:    moderate
References:  1043615,1046173
Description:

This update for dbus-1 provides the following fixes:

- Fix systemd-logind dbus disconnection by ensuring all required timeouts are restarted.
  (bsc#1043615)
- Remove call to initscripts related macros from the spec file as dbus-1 does not ship any
  initscript anymore. (bsc#1046173)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1703-1
Released:    Tue Oct 17 13:20:12 2017
Summary:     Recommended update for audit
Type:        recommended
Severity:    low
References:  1042781
Description:

This update for audit provides the following fix:

- Make auditd start by forking the systemd service to fix some initialization failures.
  (bsc#1042781)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1758-1
Released:    Mon Oct 23 08:47:47 2017
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1060653,1061876,1063824,CVE-2017-1000254,CVE-2017-1000257
Description:

This update for curl fixes the following issues:

Security issues fixed:

- CVE-2017-1000254: FTP PWD response parser out of bounds read (bsc#1061876)
- CVE-2017-1000257: IMAP FETCH response out of bounds read (bsc#1063824)

Bugs fixed:

- Fixed error 'error:1408F10B:SSL routines' when connecting to ftps via proxy (bsc#1060653)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1796-1
Released:    Fri Oct 27 21:25:06 2017
Summary:     Recommended update for pcre
Type:        recommended
Severity:    moderate
References:  1058722
Description:



This update for pcre fixes the following issues:

- Fixed the pcre stack frame size detection because modern compilers
  break it due to cloning and inlining pcre match() function (bsc#1058722)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1797-1
Released:    Sat Oct 28 12:06:19 2017
Summary:     Recommended update for permissions
Type:        recommended
Severity:    moderate
References:  1028304,1048645,1060738
Description:

This update for permissions fixes the following issues:

- Allows users to install the HPC 'singularity' toolkit for managing singularity containers in setuid root mode. (bsc#1028304)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1826-1
Released:    Wed Nov  8 08:47:17 2017
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1065274,CVE-2017-15088
Description:

This update for krb5 fixes the following issues:

Security issues fixed:

- CVE-2017-15088: A buffer overflow in get_matching_data() was fixed that could under specific circumstances be used to execute code (bsc#1065274)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1829-1
Released:    Wed Nov  8 08:50:00 2017
Summary:     Security update for shadow
Type:        security
Severity:    moderate
References:  1023895,1052261,980486,CVE-2017-12424
Description:

This update for shadow fixes several issues.

This security issue was fixed:

- CVE-2017-12424: The newusers tool could have been forced to manipulate
  internal data structures in ways unintended by the authors. Malformed input may
  have lead to crashes (with a buffer overflow or other memory corruption) or
  other unspecified behaviors (bsc#1052261).

These non-security issues were fixed:

- bsc#1023895: Fixed man page to not contain invalid options and also prevent
  warnings when using these options in certain settings
- bsc#980486: Reset user in /var/log/tallylog because of the usage of pam_tally2

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1881-1
Released:    Wed Nov 22 16:29:58 2017
Summary:     Security update for file
Type:        security
Severity:    moderate
References:  1009966,1063269,910252,910253,913650,913651,917152,996511,CVE-2014-8116,CVE-2014-8117,CVE-2014-9620,CVE-2014-9621,CVE-2014-9653
Description:



The GNU file utility was updated to version 5.22.

Security issues fixed:

- CVE-2014-9621: The ELF parser in file allowed remote attackers to cause a denial of service via a long string. (bsc#913650)
- CVE-2014-9620: The ELF parser in file allowed remote attackers to cause a denial of service via a large number of notes. (bsc#913651)
- CVE-2014-9653: readelf.c in file did not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file. (bsc#917152)
- CVE-2014-8116: The ELF parser (readelf.c) in file allowed remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. (bsc#910253)
- CVE-2014-8117: softmagic.c in file did not properly limit recursion, which allowed remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. (bsc#910253)

Version update to file version 5.22

* add indirect relative for TIFF/Exif
* restructure elf note printing to avoid repeated messages
* add note limit, suggested by Alexander Cherepanov
* Bail out on partial pread()'s (Alexander Cherepanov)
* Fix incorrect bounds check in file_printable (Alexander Cherepanov)
* PR/405: ignore SIGPIPE from uncompress programs
* change printable -> file_printable and use it in more places for safety
* in ELF, instead of '(uses dynamic libraries)' when PT_INTERP is present print the interpreter name.

Version update to file version 5.21

* there was an incorrect free in magic_load_buffers()
* there was an out of bounds read for some pascal strings
* there was a memory leak in magic lists
* don't interpret strings printed from files using the current
  locale, convert them to ascii format first.
* there was an out of bounds read in elf note reads

Update to file version 5.20

* recognize encrypted CDF documents
* add magic_load_buffers from Brooks Davis
* add thumbs.db support

Additional non-security bug fixes:

* Fixed a memory corruption during rpmbuild (bsc#1063269)
* Backport of a fix for an increased printable string length as found in file 5.30 (bsc#996511)
* file command throws 'Composite Document File V2 Document, corrupt: Can't read SSAT' error against excel 97/2003 file format. (bsc#1009966)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1903-1
Released:    Fri Nov 24 16:19:37 2017
Summary:     Security update for perl
Type:        security
Severity:    moderate
References:  1047178,1057721,1057724,999735,CVE-2017-12837,CVE-2017-12883,CVE-2017-6512
Description:

This update for perl fixes the following issues:

Security issues fixed:
- CVE-2017-12837: Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before
  5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service
  (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive
  modifier. (bnc#1057724)
- CVE-2017-12883: Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before
  5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information
  or cause a denial of service (application crash) via a crafted regular expression with an invalid
  '\N{U+...}' escape. (bnc#1057721)
- CVE-2017-6512: Race condition in the rmtree and remove_tree functions in the File-Path module
  before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving
  directory-permission loosening logic. (bnc#1047178)

Bug fixes:
- backport set_capture_string changes from upstream (bsc#999735)
- reformat baselibs.conf as source validator workaround

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1916-1
Released:    Fri Nov 24 20:15:01 2017
Summary:     Recommended update for libgcrypt
Type:        recommended
Severity:    important
References:  1043333,1059723
Description:

This update for libgcrypt provides the following fix:

- Fix a regression in a previous update which caused libgcrypt to leak file descriptors
  causing failures when starting rtkit-daemon. (bsc#1059723)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1917-1
Released:    Mon Nov 27 13:32:07 2017
Summary:     Optional update for gcc7
Type:        recommended
Severity:    low
References:  1056437,1062591,1062592
Description:


The GNU Compiler GCC 7 is being added to the Toolchain Module by this update.

New features:

- Support for specific IBM Power9 processor instructions.
- Support for specific IBM zSeries z14 processor instructions.
- New packages cross-npvtx-gcc7 and nvptx-tools added to the Toolchain Module for
  specific NVIDIA Card offload support.

The update also supplies gcc7 compatible libstdc++, libgcc_s1 and other gcc derived
libraries for the base products of SUSE Linux Enterprise 12.

Various optimizers have been improved in GCC 7, several of bugs fixed, quite some new
warnings added and the error pin-pointing and fix-suggestions have been greatly improved.

The GNU Compiler page for GCC 7 contains a summary of all the changes that have happened:

	https://gcc.gnu.org/gcc-7/changes.html

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1965-1
Released:    Thu Nov 30 12:48:45 2017
Summary:     Recommended update for libsolv, libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1047233,1053671,1057188,1057634,1058695,1058783,1059065,1061384,1062561,1064999,661410
Description:

The Software Update Stack was updated to receive fixes and enhancements.

libsolv:

- Many fixes and improvements for cleandeps.
- Always create dup rules for 'distupgrade' jobs.
- Use recommends also for ordering packages.
- Fix splitprovides handling with addalreadyrecommended turned off. (bsc#1059065)
- Expose solver_get_recommendations() in bindings.
- Fix bug in solver_prune_to_highest_prio_per_name resulting in bad output from solver_get_recommendations().
- Support 'without' and 'unless' dependencies.
- Use same heuristic as upstream to determine source RPMs.
- Fix memory leak in bindings.
- Add pool_best_solvables() function.
- Fix 64bit integer parsing from RPM headers.
- Enable bzip2 and xz/lzma compression support.
- Enable complex/rich dependencies on distributions with RPM 4.13+.

libzypp:

- Fix media handling in presence of a repo path prefix. (bsc#1062561)
- Fix RepoProvideFile ignoring a repo path prefix. (bsc#1062561)
- Remove unused legacy notify-message script. (bsc#1058783)
- Support multiple product licenses in repomd. (fate#322276)
- Propagate 'rpm --import' errors. (bsc#1057188)
- Fix typos in zypp.conf.

zypper:

- Locale: Fix possible segmentation fault. (bsc#1064999)
- Add summary hint if product is better updated by a different command. This is mainly
  used by rolling distributions like openSUSE Tumbleweed to remind their users to use
  'zypper dup' to update (not zypper up or patch). (bsc#1061384)
- Unify '(add|modify)(repo|service)' property related arguments.
- Fixed 'add' commands supporting to set only a subset of properties.
- Introduced '-f/-F' as preferred short option for --[no-]refresh in all four commands.
  (bsc#661410, bsc#1053671)
- Fix missing package names in installation report. (bsc#1058695)
- Differ between unsupported and packages with unknown support status. (bsc#1057634)
- Return error code '107' if an RPM's %post configuration script fails, but only
  if ZYPPER_ON_CODE12_RETURN_107=1 is set in the environment. (bsc#1047233)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1966-1
Released:    Thu Nov 30 13:45:24 2017
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1004995,1035386,1039099,1040800,1045472,1048605,1050152,1053137,1053595,1055641,1063249
Description:

This update for systemd fixes the following issues:

- unit: When JobTimeoutSec= is turned off, implicitly turn off JobRunningTimeoutSec= too.
  (bsc#1048605, bsc#1004995)
- compat-rules: Generate compat by-id symlinks with 'nvme' prefix missing and warn users
  that have broken symlinks. (bsc#1063249)
- compat-rules: Allow to specify the generation number through the kernel command line.
- scsi_id: Fixup prefix for pre-SPC inquiry reply. (bsc#1039099)
- tmpfiles: Remove old ICE and X11 sockets at boot.
- tmpfiles: Silently ignore any path that passes through autofs. (bsc#1045472)
- pam_logind: Skip leading /dev/ from PAM_TTY field before passing it on.
- shared/machine-pool: Fix another mkfs.btrfs checking. (bsc#1053595)
- shutdown: Fix incorrect fscanf() result check.
- shutdown: Don't remount,ro network filesystems. (bsc#1035386)
- shutdown: Don't be fooled when detaching DM devices with BTRFS. (bsc#1055641)
- bash-completion: Add support for --now. (bsc#1053137)
- Add convert-lib-udev-path.sh script to convert /lib/udev directory into a symlink pointing
  to /usr/lib/udev when upgrading from SLE11. (bsc#1050152)
- Add a rule to teach hotplug to offline containers transparently. (bsc#1040800)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:1968-1
Released:    Thu Nov 30 19:49:33 2017
Summary:     Recommended update for coreutils
Type:        recommended
Severity:    low
References:  1026567,1043059,965780
Description:

This update for coreutils provides the following fixes:

- Fix df(1) to no longer interact with excluded file system types, so for example
  specifying -x nfs no longer hangs with problematic nfs mounts. (bsc#1026567)
- Ensure df -l no longer interacts with dummy file system types, so for example no
  longer hangs with problematic NFS mounted via system.automount(5). (bsc#1043059)
- Significantly speed up df(1) for huge mount lists. (bsc#965780)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:1970-1
Released:    Thu Nov 30 22:55:41 2017
Summary:     Security update for openssl
Type:        security
Severity:    moderate
References:  1055825,1056058,1065363,1066242,CVE-2017-3735,CVE-2017-3736
Description:

This update for openssl fixes the following issues:

Security issues fixed:

- CVE-2017-3735: openssl1,openssl: Malformed X.509 IPAdressFamily could cause OOB read (bsc#1056058)
- CVE-2017-3736: openssl: bn_sqrx8x_internal carry bug on x86_64 (bsc#1066242)
- Out of bounds read+crash in DES_fcrypt (bsc#1065363)
- openssl DEFAULT_SUSE cipher list is missing ECDHE-ECDSA ciphers (bsc#1055825)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:2021-1
Released:    Fri Dec  8 10:11:04 2017
Summary:     Recommended update for file
Type:        recommended
Severity:    moderate
References:  1070878,1070958
Description:

This update for file fixes detection of JPEG files.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:2031-1
Released:    Mon Dec 11 12:55:57 2017
Summary:     Recommended update for gzip
Type:        recommended
Severity:    low
References:  1067891
Description:


This update for gzip provides the following fix:

- Fix mishandling of leading zeros in the end-of-block code (bsc#1067891)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:2036-1
Released:    Wed Dec 13 16:34:21 2017
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    low
References:  1039276,1040968,1055446,1066500
Description:

This update for util-linux provides the following fixes:

- Allow unmounting of filesystems without calling stat() on the mount point, when '-c' is used.
  (bsc#1040968)
- Fix an infinite loop, a crash and report the correct minimum and maximum frequencies in
  lscpu for some processors. (bsc#1055446)
- Fix a lscpu failure on Sydney Amazon EC2 region. (bsc#1066500)
- If multiple subvolumes are mounted, report the default subvolume. (bsc#1039276)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2017:2097-1
Released:    Sat Dec 16 01:59:00 2017
Summary:     Security update for openssl
Type:        security
Severity:    important
References:  1071905,1071906,CVE-2017-3737,CVE-2017-3738
Description:

This update for openssl fixes the following issues:

- OpenSSL Security Advisory [07 Dec 2017]
  * CVE-2017-3737: OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an \'error state\' mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. O
 penSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected. (bsc#1071905)
  * CVE-2017-3738: There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. (bsc#1071906)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2017:2137-1
Released:    Thu Dec 21 17:49:12 2017
Summary:     Recommended update for dbus-1
Type:        recommended
Severity:    moderate
References:  1046173,1071698
Description:


This update for dbus-1 provides the following fixes:

- The previously released fix for systemd-logind dbus disconnections was missing in some
  parts of the package, so properly apply it. (bsc#1071698)
- Remove call to initscripts related macros from the spec file as dbus-1 does not ship any
  initscript anymore. (bsc#1046173)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:4-1
Released:    Tue Jan  2 15:58:20 2018
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1057640,1067605,1068708,1071466,969569
Description:

The Software Update Stack was updated to receive fixes and enhancements.

libzypp:

- Don't store duplicated locks. (bsc#969569)
- Fix default for solver.allowNameChange. (bsc#1071466)
- Don't filter procs with a different mnt namespace. (bsc#1068708)
- Support repo variables in an URIs host:port component. (bsc#1057640, bsc#1067605)

zypper:

- Update manpage regarding custom repository variable fixes. (bsc#1057640, bsc#1067605)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:38-1
Released:    Tue Jan  9 14:56:43 2018
Summary:     Recommended update for kmod
Type:        recommended
Severity:    low
References:  1070209
Description:


This update for kmod provides the following fix:

- Fix resolving .TOC. in modules on 4.4 and older kernel (bsc#1070209)
- Fix kernel master build for ppc64le (bsc#1070209)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:55-1
Released:    Fri Jan 12 09:45:49 2018
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1051042,1053188,1063675,1064569,1064580,1064583,1070905,1071319,1073231,1074293,CVE-2017-1000408,CVE-2017-1000409,CVE-2017-15670,CVE-2017-15671,CVE-2017-15804,CVE-2017-16997,CVE-2018-1000001
Description:

This update for glibc fixes the following issues:

- A privilege escalation bug in the realpath() function has been fixed.
  [CVE-2018-1000001, bsc#1074293]

- A memory leak and a buffer overflow in the dynamic ELF loader has been fixed.
  [CVE-2017-1000408, CVE-2017-1000409, bsc#1071319]

- An issue in the code handling RPATHs was fixed that could have been exploited
  by an attacker to execute code loaded from arbitrary libraries.
  [CVE-2017-16997, bsc#1073231]

- A potential crash caused by a use-after-free bug in pthread_create() has been
  fixed. [bsc#1053188]

- A bug that prevented users to build shared objects which use the optimized
  libmvec.so API has been fixed. [bsc#1070905]

- A memory leak in the glob() function has been fixed. [CVE-2017-15670,
  CVE-2017-15671, CVE-2017-15804, bsc#1064569, bsc#1064580, bsc#1064583]

- A bug that would lose the syscall error code value in case of crashes has
  been fixed. [bsc#1063675]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:59-1
Released:    Fri Jan 12 11:18:44 2018
Summary:     Security update for tiff
Type:        security
Severity:    important
References:  1017690,1069213,960341,969783,983436,CVE-2014-8128,CVE-2015-7554,CVE-2016-10095,CVE-2016-5318,CVE-2017-16232
Description:

This update for tiff to version 4.0.9 fixes the following issues:

Security issues fixed:

- CVE-2014-8128: Fix out-of-bounds read with malformed TIFF image in multiple tools (bsc#969783).
- CVE-2015-7554: Fix invalid write in tiffsplit / _TIFFVGetField (bsc#960341).
- CVE-2016-10095: Fix stack-based buffer overflow in _TIFFVGetField (tif_dir.c) (bsc#1017690).
- CVE-2016-5318: Fix stackoverflow in thumbnail (bsc#983436).
- CVE-2017-16232: Fix memory-based DoS in tiff2bw (bsc#1069213).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:86-1
Released:    Wed Jan 17 09:38:17 2018
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1056127,1056128,1056129,1056131,1056132,1056136,CVE-2017-13728,CVE-2017-13729,CVE-2017-13730,CVE-2017-13731,CVE-2017-13732,CVE-2017-13733
Description:

This update for ncurses fixes the following issues:

Security issues fixed:

- CVE-2017-13728: Fix infinite loop in the next_char function in comp_scan.c (bsc#1056136).
- CVE-2017-13730: Fix illegal address access in the function _nc_read_entry_source() (bsc#1056131).
- CVE-2017-13733: Fix illegal address access in the fmt_entry function (bsc#1056127).
- CVE-2017-13729: Fix illegal address access in the _nc_save_str (bsc#1056132).
- CVE-2017-13732: Fix illegal address access in the function dump_uses() (bsc#1056128).
- CVE-2017-13731: Fix illegal address access in the function postprocess_termcap() (bsc#1056129).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:88-1
Released:    Wed Jan 17 14:41:17 2018
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1069222,1069226,CVE-2017-8816,CVE-2017-8817
Description:

This update for curl fixes the following issues:

Security issues fixed:

- CVE-2017-8816: Buffer overrun flaw in the NTLM authentication code (bsc#1069226).
- CVE-2017-8817: Read out of bounds flaw in the FTP wildcard function (bsc#1069222).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:90-1
Released:    Wed Jan 17 14:44:33 2018
Summary:     Recommended update for lvm2
Type:        recommended
Severity:    low
References:  1063051,1067312
Description:


This update for lvm2 provides the following fix:

- Backport various upstream fixes for clvmd. (bsc#1063051)
- Don't print error messages on testing the connection to the daemon. (bsc#1063051)
- Fix handling of udev CHANGE events with systemd. (bsc#1067312)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:100-1
Released:    Thu Jan 18 14:40:35 2018
Summary:     Security update for gd
Type:        security
Severity:    moderate
References:  1056993,CVE-2017-6362
Description:

This update for gd fixes one issues.

This security issue was fixed:

- CVE-2017-6362: Prevent double-free in gdImagePngPtr() that potentially allowed for DoS or remote code execution (bsc#1056993).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:127-1
Released:    Tue Jan 23 13:37:09 2018
Summary:     Security update for libvpx
Type:        security
Severity:    moderate
References:  1075992,CVE-2017-13194
Description:

This update for libvpx fixes one issues.

This security issue was fixed: 

- CVE-2017-13194: Fixed incorrect memory allocation related to odd frame width (bsc#1075992).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:146-1
Released:    Thu Jan 25 11:44:23 2018
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  1064397,1065083
Description:

This update for openldap2 provides the following fixes:

- Fix a leak of sockets in case of unsuccessful connection attempts. (bsc#1065083)
- Fix a crash that would happen under heavy load when using back-relay. (bsc#1064397)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:149-1
Released:    Thu Jan 25 13:38:37 2018
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1077001,CVE-2018-1000007
Description:

This update for curl fixes one issues.

This security issue was fixed:

- CVE-2018-1000007: Prevent leaking authentication data to third parties when following redirects (bsc#1077001)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:178-1
Released:    Mon Jan 29 09:55:25 2018
Summary:     Security update for gd
Type:        security
Severity:    moderate
References:  1076391,CVE-2018-5711
Description:

This update for gd fixes one issues.

This security issue was fixed:

- CVE-2018-5711: Prevent integer signedness error that could have lead to an
  infinite loop via a crafted GIF file allowing for DoS (bsc#1076391)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:209-1
Released:    Tue Jan 30 10:53:43 2018
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1056126,1056127,1056128,1056129,1056131,1056132,1056136,CVE-2017-13728,CVE-2017-13729,CVE-2017-13730,CVE-2017-13731,CVE-2017-13732,CVE-2017-13733,CVE-2017-13734
Description:

This update for ncurses fixes several issues.

These security issues were fixed:

- CVE-2017-13734: Prevent illegal address access in the _nc_safe_strcat
  function in strings.c that might have lead to a remote denial of service attack
  (bsc#1056126).
- CVE-2017-13733: Prevent illegal address access in the fmt_entry function in
  progs/dump_entry.c that might have lead to a remote denial of service attack
  (bsc#1056127).
- CVE-2017-13732: Prevent illegal address access in the function dump_uses() in
  progs/dump_entry.c that might have lead to a remote denial of service attack
  (bsc#1056128).
- CVE-2017-13731: Prevent illegal address access in the function
  postprocess_termcap() in parse_entry.c that might have lead to a remote denial
  of service attack (bsc#1056129).
- CVE-2017-13730: Prevent illegal address access in the function
  _nc_read_entry_source() in progs/tic.c that might have lead to a remote denial
  of service attack (bsc#1056131).
- CVE-2017-13729: Prevent illegal address access in the _nc_save_str function
  in alloc_entry.c that might have lead to a remote denial of service attack
  (bsc#1056132).
- CVE-2017-13728: Prevent infinite loop in the next_char function in
  comp_scan.c that might have lead to a remote denial of service attack
  (bsc#1056136).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:213-1
Released:    Tue Jan 30 14:36:40 2018
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1048510,1065276,1066156,1068251,1070428,1071558,1074254,1075724,1076308,897422,CVE-2017-15908,CVE-2018-1049
Description:

This update for systemd fixes several issues.

This security issue was fixed:

- CVE-2018-1049: Prevent race that can lead to DoS when using automounts (bsc#1076308).

These non-security issues were fixed:

- core: don't choke if a unit another unit triggers vanishes during reload
- delta: don't ignore PREFIX when the given argument is PREFIX/SUFFIX
- delta: extend skip logic to work on full directory paths (prefix+suffix) (bsc#1070428)
- delta: check if a prefix needs to be skipped only once
- delta: skip symlink paths when split-usr is enabled (#4591)
- sysctl: use raw file descriptor in sysctl_write (#7753)
- sd-netlink: don't take possesion of netlink fd from caller on failure (bsc#1074254)
- Fix the regexp used to detect broken by-id symlinks in /etc/crypttab
  It was missing the following case: '/dev/disk/by-id/cr_-xxx'.
- sysctl: disable buffer while writing to /proc (bsc#1071558)
- Use read_line() and LONG_LINE_MAX to read values configuration files. (bsc#1071558)
- sysctl: no need to check for eof twice
- def: add new constant LONG_LINE_MAX
- fileio: add new helper call read_line() as bounded getline() replacement
- service: Don't stop unneeded units needed by restarted service (#7526) (bsc#1066156)
- gpt-auto-generator: fix the handling of the value returned by fstab_has_fstype() in add_swap() (#6280)
- gpt-auto-generator: disable gpt auto logic for swaps if at least one is defined in fstab (bsc#897422)
- fstab-util: introduce fstab_has_fstype() helper
- fstab-generator: ignore root=/dev/nfs (#3591)
- fstab-generator: don't process root= if it happens to be 'gpt-auto' (#3452)
- virt: use XENFEAT_dom0 to detect the hardware domain (#6442, #6662) (#7581) (bsc#1048510)
- analyze: replace --no-man with --man=no in the man page (bsc#1068251)
- udev: net_setup_link: don't error out when we couldn't apply link config (#7328)
- Add missing /etc/systemd/network directory
- Fix parsing of features in detect_vm_xen_dom0 (#7890) (bsc#1048510)
- sd-bus: use -- when passing arguments to ssh (#6706)
- systemctl: make sure we terminate the bus connection first, and then close the pager (#3550)
- sd-bus: bump message queue size (bsc#1075724)
- tmpfiles: downgrade warning about duplicate line

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:214-1
Released:    Tue Jan 30 14:37:42 2018
Summary:     Security update for libtasn1
Type:        security
Severity:    moderate
References:  1076832,CVE-2018-6003
Description:

This update for libtasn1 fixes one issue.

This security issue was fixed:

- CVE-2018-6003: Prevent a stack exhaustion in  _asn1_decode_simple_ber
  (lib/decoding.c) when decoding BER encoded structure allowed for DoS
  (bsc#1076832).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:261-1
Released:    Tue Feb  6 11:24:15 2018
Summary:     Security update for libjpeg-turbo
Type:        security
Severity:    moderate
References:  1062937,CVE-2017-15232
Description:

This update for libjpeg-turbo fixes the following issues:

Feature update:

- Update from version 1.3.1 to version 1.5.2 (fate#324061).
  
Security issue fixed:

- CVE-2017-15232: Fix NULL pointer dereference in jdpostct.c and jquant1.c (bsc#1062937).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:276-1
Released:    Thu Feb  8 17:47:43 2018
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1077993,1078806,1078813,CVE-2016-5131,CVE-2017-15412,CVE-2017-5130
Description:

This update for libxml2 fixes one issue.

This security issue was fixed:

- CVE-2017-15412: Prevent use after free when calling XPath extension functions
  that allowed remote attackers to cause DoS or potentially RCE (bsc#1077993)
- CVE-2016-5131: Use-after-free vulnerability in libxml2 allowed
  remote attackers to cause a denial of service or possibly have
  unspecified other impact via vectors related to the XPointer range-to
  function. (bsc#1078813)
- CVE-2017-5130: Fixed a potential remote buffer overflow in function
  xmlMemoryStrdup() (bsc#1078806)

  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:286-1
Released:    Fri Feb  9 16:48:50 2018
Summary:     Security update for freetype2
Type:        security
Severity:    important
References:  1028103,1035807,1036457,1079600,CVE-2016-10244,CVE-2017-7864,CVE-2017-8105,CVE-2017-8287
Description:


  
This update for freetype2 fixes the following security issues:

- CVE-2016-10244: Make sure that the parse_charstrings function in
  type1/t1load.c does ensure that a font contains a glyph name to prevent a DoS
  through a heap-based buffer over-read or possibly have unspecified other
  impact via a crafted file (bsc#1028103)
- CVE-2017-8105: Fix an out-of-bounds write caused by a heap-based
  buffer overflow related to the t1_decoder_parse_charstrings function in
  psaux/t1decode.ca (bsc#1035807)
- CVE-2017-8287: an out-of-bounds write caused by a heap-based buffer
  overflow related to the t1_builder_close_contour function in psaux/psobjs.c
  (bsc#1036457)
- Fix several integer overflow issues in truetype/ttinterp.c (bsc#1079600)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:291-1
Released:    Mon Feb 12 11:50:39 2018
Summary:     Recommended update for bash
Type:        recommended
Severity:    low
References:  1057452,1076909
Description:

This update for bash provides the following fix:

- Allow process group assignment on all kernel versions to fix the usage of debug traps.
  (bsc#1057452)
- Fix a crash when filesystem is full. (bsc#1076909)
- Enable multi-byte characters by default.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:314-1
Released:    Thu Feb 15 14:47:35 2018
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1037930,1051791,1073990,1074293,1079036,CVE-2017-12132,CVE-2017-8804,CVE-2018-1000001,CVE-2018-6485,CVE-2018-6551
Description:


  
This update for glibc fixes the following issues:

Security issues fixed:

- CVE-2017-8804: Fix memory leak after deserialization failure in xdr_bytes, xdr_string (bsc#1037930)
- CVE-2017-12132: Reduce EDNS payload size to 1200 bytes (bsc#1051791)
- CVE-2018-6485,CVE-2018-6551: Fix integer overflows in internal memalign and malloc functions (bsc#1079036)
- CVE-2018-1000001: Avoid underflow of malloced area (bsc#1074293)

Non security bugs fixed:

- Release read lock after resetting timeout (bsc#1073990)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:336-1
Released:    Wed Feb 21 14:26:52 2018
Summary:     Security update for libdb-4_8
Type:        security
Severity:    moderate
References:  1043886
Description:

This update for libdb-4_8 fixes the following issues:

- A DB_CONFIG file in the current working directory allowed local
  users to obtain sensitive information via a symlink attack
  involving a setgid or setuid application using libdb-4_8. (bsc#1043886)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:355-1
Released:    Mon Feb 26 16:34:46 2018
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1057974,1068588,1071224,1071311,1075801,1077925,CVE-2017-18078
Description:


  
This update for systemd fixes the following issues:

Security issue fixed:

- CVE-2017-18078: tmpfiles: refuse to chown()/chmod() files which are
  hardlinked, unless protected_hardlinks sysctl is on. This could be used
  by local attackers to gain privileges (bsc#1077925)

Non Security issues fixed:

- core: use id unit when retrieving unit file state (#8038) (bsc#1075801)
- cryptsetup-generator: run cryptsetup service before swap unit (#5480)
- udev-rules: all values can contain escaped double quotes now (#6890)
- strv: fix buffer size calculation in strv_join_quoted()
- tmpfiles: change ownership of symlinks too
- stdio-bridge: Correctly propagate error
- stdio-bridge: remove dead code
- remove bus-proxyd (bsc#1057974)
- core/timer: Prevent timer looping when unit cannot start (bsc#1068588)

- Make systemd-timesyncd use the openSUSE NTP servers by default
  Previously systemd-timesyncd used the Google Public NTP servers
  time{1..4}.google.com

- Don't ship /usr/lib/systemd/system/tmp.mnt at all (bsc#1071224)
  But we still ship a copy in /var.
  Users who want to use tmpfs on /tmp are supposed to add a symlink in
  /etc/ pointing to the copy shipped in /var.
  To support the update path we automatically create the symlink if
  tmp.mount in use is located in /usr.

- Enable systemd-networkd on Leap distros only (bsc#1071311)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:375-1
Released:    Wed Feb 28 16:33:37 2018
Summary:     Recommended update for net-tools
Type:        recommended
Severity:    low
References:  1009905,1063910
Description:


This update for net-tools provides the following fix:

- netstat: fix handling of large socket numbers (bsc#1063910)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:439-1
Released:    Fri Mar  9 14:05:22 2018
Summary:     Security update for augeas
Type:        security
Severity:    low
References:  1054171,CVE-2017-7555
Description:

This update for augeas fixes the following issues:

Security issue fixed:

- CVE-2017-7555: Fix a memory corruption bug could have lead to arbitrary code execution
  by passing crafted strings that would be mis-handled by parse_name() (bsc#1054171).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:443-1
Released:    Fri Mar  9 18:02:14 2018
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1081556,CVE-2017-12133
Description:

This update for glibc fixes the following issues:

- CVE-2017-12133: Avoid use-after-free read access in clntudp_call (bsc#1081556)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:446-1
Released:    Mon Mar 12 13:13:55 2018
Summary:     Security update for shadow
Type:        security
Severity:    moderate
References:  1081294,CVE-2018-7169
Description:

This update for shadow fixes the following issues:

- CVE-2018-7169: Fixed an privilege escalation in newgidmap,
  which allowed an unprivileged user to be placed in a user namespace where
  setgroups(2) is allowed. (bsc#1081294)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:465-1
Released:    Thu Mar 15 07:38:52 2018
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1075743,1078358,1081170
Description:

This update for systemd fixes the following issues:

- Add dmi/id conditions to 80-acpi-container-hotplug.rules to restrict
  the rule that it can only be triggered on Huawei Kunlun 9008, 9016 and
  9032 machines. (bsc#1078358, bsc#1081170, bsc#1075743)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:472-1
Released:    Thu Mar 15 10:47:40 2018
Summary:     Recommended update for libsolv, libzypp, zypper
Type:        recommended
Severity:    low
References:  1074687,1075449,1076415,1079334,953130
Description:

This update for libsolv, libzypp and zypper provides the following fixes:

libsolv:
- Fix a bug that could make fileconflict detection very slow in some cases. (bnc#953130)
- Add new configuration options: ENABLE_RPMDB_LIBRPM and ENABLE_RPMPKG_LIBRPM.
- Add a new function to change the whatprovides data: pool_set_whatprovides.
- Significant improvements in the selection code.

libzypp:
- Make sure deleted keys are also removed from rpmdb. (bsc#1075449)
- plugin: Don't reject header values containing ':'. (bsc#1074687)
- RpmDb::checkPackage: Fix parsing localized rpm output. (bsc#1076415)

zypper:
- Do not recommend cron as it is not a direct dependency of zypper. (bsc#1079334)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:522-1
Released:    Thu Mar 22 08:20:46 2018
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1084521,1084524,1084532,CVE-2018-1000120,CVE-2018-1000121,CVE-2018-1000122
Description:

This update for curl fixes the following issues:

Following security issues were fixed:

- CVE-2018-1000120: A buffer overflow exists in the FTP URL handling that allowed an attacker to cause a denial of service or possible code execution (bsc#1084521).
- CVE-2018-1000121: A NULL pointer dereference exists in the LDAP code that allowed an attacker to cause a denial of service (bsc#1084524).
- CVE-2018-1000122: A buffer over-read exists in the RTSP+RTP handling code that allowed an attacker to cause a denial of service or information leakage (bsc#1084532).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:567-1
Released:    Thu Mar 29 14:02:08 2018
Summary:     Security update for krb5
Type:        security
Severity:    moderate
References:  1057662,1081725,1083926,1083927,CVE-2018-5729,CVE-2018-5730
Description:

This update for krb5 provides the following fixes:

Security issues fixed:

- CVE-2018-5730: DN container check bypass by supplying special crafted data (bsc#1083927).
- CVE-2018-5729: Null pointer dereference in kadmind or DN container check bypass by supplying special crafted data (bsc#1083926).

Non-security issues fixed:

- Make it possible for legacy applications (e.g. SAP Netweaver) to remain compatible with
  newer Kerberos. System administrators who are experiencing this kind of compatibility
  issues may set the environment variable GSSAPI_ASSUME_MECH_MATCH to a non-empty value,
  and make sure the environment variable is visible and effective to the application
  startup script. (bsc#1057662)
- Fix a GSS failure in legacy applications by not indicating deprecated GSS mechanisms in
  gss_indicate_mech() list. (bsc#1081725)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:594-1
Released:    Thu Apr  5 17:22:37 2018
Summary:     Security update for libidn
Type:        security
Severity:    moderate
References:  1056450,CVE-2017-14062
Description:

This update for libidn fixes one issues.

This security issue was fixed:

- CVE-2017-14062: Prevent integer overflow in the decode_digit function that
  allowed remote attackers to cause a denial of service or possibly have
  unspecified other impact (bsc#1056450).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:624-1
Released:    Wed Apr 11 18:02:57 2018
Summary:     Security update for openssl
Type:        security
Severity:    moderate
References:  1087102,CVE-2018-0739
Description:

This update for openssl fixes the following issues:

    - CVE-2018-0739: Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) 
    could eventually exceed the stack given malicious input with excessive recursion. This could result 
    in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from 
    untrusted sources so this is considered safe. (bsc#1087102).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:730-1
Released:    Wed Apr 25 14:14:41 2018
Summary:     Security update for perl
Type:        security
Severity:    moderate
References:  1082216,1082233,1082234,CVE-2018-6797,CVE-2018-6798,CVE-2018-6913
Description:

This update for perl fixes the following issues:

Security issues fixed:

- CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216).
- CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233).
- CVE-2018-6797: Fixed sharp-s regexp overflow (bsc#1082234).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:736-1
Released:    Wed Apr 25 14:23:49 2018
Summary:     Recommended update for libsolv, libzypp
Type:        recommended
Severity:    moderate
References:  1075978,1077635,1079991,1082318,1086602
Description:

This update for libsolv, libzypp provides the following fixes:

Changes in libsolv:
- Make sure the product file comes from /etc/products.d for the fallback product search.
  (bsc#1086602)
- Also make use of suggests for ordering packages. (bsc#1077635)
- Fix bad assignment in solution refinement that led to a memory leak. (bsc#1075978)
- Use license tag instead of doc in the spec file. (bsc#1082318)

Changes in libzypp:
- Make sure the product file comes from /etc/products.d for the fallback product search.
  (bsc#1086602)
- Fix a memory leak in Digest.cc. (bsc#1075978)
- Add /var/lib/gdm to CheckAccessDeleted blacklist to prevent showing superfluous `zypper ps -s`
  messages. (bsc#1079991)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:779-1
Released:    Wed May  2 22:16:26 2018
Summary:     Recommended update for rpm
Type:        recommended
Severity:    low
References:  1003714,1027925,1069934
Description:


This update for rpm provides the following fixes:

- Fix find-lang.sh to handle special case of .qm file paths correctly. (bsc#1027925)
- Add %sle_version macro to suse_macros. (bsc#1003714)
- Added a %rpm_vercmp macro which accepts two versions as parameters and returns -1, 0, 1
  if the first version is less than, equal or greater than the second version respectively.
- Added a %pkg_version macro that accepts a package or capability name as argument and
  returns the version number of the installed package. If no package provides the argument,
  it returns the string '~~~'.
- Added a %pkg_vcmp macro that accepts 3 parameters. The first parameter is a package name
  or provided capability name, the second argument is an operator ( < <= = >= > != )
  and the third parameter is a version string to be compared to the installed version of
  the first argument.
- Added a %pkg_version_cmp macro which accepts a package or capability name as first argument
  and a version number as second argument and returns -1, 0, 1 or '~~~'. The number values
  have the same meaning as in %rpm_vercmp and the '~~~' string is returned if the package
  or capability can't be found. (bsc#1069934)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:797-1
Released:    Mon May  7 07:07:38 2018
Summary:     Recommended update for gcc7
Type:        recommended
Severity:    important
References:  1061667,1068967,1074621,1083290,1083946,1084812,1087550,1087930
Description:


  
This update for gcc7 to 7.3 release fixes the following issues:

- Update to GCC 7.3 release and further updated to gcc-7-branch head (r258812).
- The Spectre v2 mitigation patch for s390x is now included. [bsc#1083946]
- Adds backport of x86 retpoline support via -mindirect-branch=, -mfunction-return= and friends. [bsc#1074621]
- Update includes a fix for chromium build failure.  [bsc#1083290]
- Various AArch64 compile fixes are included:

  * Picks fix to no longer enable -mpc-relative-literal-loads by default
    with --enable-fix-cortex-a53-843419.
  * Enable --enable-fix-cortex-a53-843419 for aarch64.  [bsc#1084812] [bsc#1087930]
  * Enable --enable-fix-cortex-a53-835769 for aarch64.
  * Contains fix for PR82445 which is about a RPI1 bootloader miscompile. [bsc#1061667]
  * Fixed bogus stack probe instruction on ARM. [bsc#1068967]

- Revert the ios_base::failure ABI back to compatible behavior with the default ABI.  [bsc#1087550]

- Fix nvptx offload target compiler install so GCC can pick up
  required files.  Split out the newlib part into cross-nvptx-newlib7-devel
  and avoid conflicts with GCC 8 variant via Provides/Conflicts
  of cross-nvptx-newlib-devel.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:822-1
Released:    Wed May  9 14:01:33 2018
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1046077,1074318,1081690,CVE-2017-17973,CVE-2017-9935,CVE-2018-5784
Description:

This update for tiff fixes the following issues:

- CVE-2017-9935: There was a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution (bsc#1046077)
- CVE-2017-17973: There is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. (bsc#1074318)
- CVE-2018-5784: There is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries (bsc#1081690)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:939-1
Released:    Thu May 17 08:41:30 2018
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1086825,1092098,CVE-2018-1000301
Description:

This update for curl fixes several issues:

Security issues fixed:

- CVE-2018-1000301: Fixed a RTSP bad headers buffer over-read could crash the curl client (bsc#1092098)

Non security issues fixed:

- If the DEFAULT_SUSE cipher list is not available use the HIGH cipher alias before failing.
  (bsc#1086825)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:974-1
Released:    Wed May 23 16:46:50 2018
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1045092,1051465,1066422,1075804,1082485,1084626,1085062,1086785,1087323
Description:

This update for systemd provides the following fixes:

- sysusers: Do not append entries after the NIS ones. (bsc#1085062, bsc#1045092)
- sysusers: Also add support for NIS entries in /etc/shadow.
- sysusers: Make sure to reset errno before calling fget*ent().
- coredump: Respect ulimit -c 0 settings. (bsc#1075804)
- systemctl: Don't make up unit states, and don't eat up errors too eagerly. (bsc#1084626)
- systemctl: Don't mangle unit names in check_unit_generic().
- rules, compat-rules: Fix errors detected by the rule syntax checker.
- python: Use raw strings for regexp patterns.
- compat-rules: Make path_id_compat build with meson.
- compat-rules: Get rid of scsi_id when generating compat symlinks for NVMe devices.
  (bsc#1051465)
- Fix memory hotplugging.
- systemd: Add offline environmental condition to the udev rules for acpi container to
  prevent them from being triggered by the 'udevadm trigger' from user space. (bsc#1082485)
- systemd-udevd: Limit children-max by the available memory. (bsc#1086785, bsc#1066422)
- Rename the tarball to reflect the exact version used, so that it is clear that it
  contains some additional patches on top of the upstream version. Use the commit hash in
  the name so the exact version can easily be identified. (bsc#1087323)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:977-1
Released:    Wed May 23 17:14:16 2018
Summary:     Security update for bash
Type:        security
Severity:    moderate
References:  1000396,1001299,1086247,CVE-2016-0634,CVE-2016-7543
Description:

This update for bash fixes the following issues:

Security issues fixed:

- CVE-2016-7543: A code execution possibility via SHELLOPTS+PS4 variable was fixed (bsc#1001299)
- CVE-2016-0634: Arbitrary code execution via malicious hostname was fixed (bsc#1000396)

Non-security issues fixed:

- Fix repeating self-calling of traps due the combination of a non-interactive shell, a trap handler for SIGINT, an
  external process in the trap handler, and a SIGINT within the trap after the external process runs. (bsc#1086247)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:978-1
Released:    Wed May 23 17:18:39 2018
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1071321
Description:

This update for zlib fixes the following issues:

- Fix a segmentation fault which was raised when converting a negative value into an unsigned integer (bsc#1071321)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1028-1
Released:    Tue Jun  5 13:20:44 2018
Summary:     Recommended update for pam
Type:        recommended
Severity:    low
References:  1089884
Description:

This update for pam fixes the following issues:

- Fix order of accessed configuration files in man page. (bsc#1089884)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1077-1
Released:    Wed Jun  6 11:44:25 2018
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1086690,1094150,1094154,1094161,CVE-2017-18269,CVE-2018-11236,CVE-2018-11237
Description:


  
This update for glibc fixes the following issues:

- CVE-2017-18269: Fix SSE2 memmove issue when crossing 2GB boundary (bsc#1094150)
- CVE-2018-11236: Fix overflow in path length computation (bsc#1094161)
- CVE-2018-11237: Don't write beyond buffer destination in __mempcpy_avx512_no_vzeroupper (bsc#1094154)

Non security bugs fixed:

- Fix crash in resolver on memory allocation failure (bsc#1086690)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1082-1
Released:    Thu Jun  7 12:58:56 2018
Summary:     Recommended update for rpm
Type:        recommended
Severity:    moderate
References:  1073879,1080078,964063
Description:

This update for rpm fixes the following issues:

- Backport support for no_recompute_build_ids macro. (bsc#964063)
- Fix code execution when evaluating common python-related macros. (bsc#1080078)

Additionally, this update adds python3-rpm to the SUSE Linux Enterprise Server.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1141-1
Released:    Fri Jun 15 13:41:08 2018
Summary:     Security update for gpg2
Type:        security
Severity:    important
References:  1096745,CVE-2018-12020
Description:

This update for gpg2 fixes the following security issue:

- CVE-2018-12020: GnuPG mishandled the original filename during decryption and
  verification actions, which allowed remote attackers to spoof the output that
  GnuPG sends on file descriptor 2 to other programs that use the '--status-fd 2'
  option (bsc#1096745)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1145-1
Released:    Fri Jun 15 19:19:51 2018
Summary:     Recommended update for openssl
Type:        recommended
Severity:    moderate
References:  1090765
Description:

This update for openssl provides the following fix:

- Suggest libopenssl1_0_0-hmac from libopenssl1_0_0 package to avoid dependency issues
  during updates. (bsc#1090765)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1233-1
Released:    Wed Jun 27 12:45:13 2018
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1007276,1074317,1082332,1082825,1086408,1092949,974621,CVE-2016-3632,CVE-2016-8331,CVE-2017-11613,CVE-2017-13726,CVE-2017-18013,CVE-2018-10963,CVE-2018-7456,CVE-2018-8905
Description:

This update for tiff fixes the following issues:

These security issues were fixed:

- CVE-2017-18013: There was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.  (bsc#1074317)
- CVE-2018-10963: The TIFFWriteDirectorySec() function in tif_dirwrite.c allowed remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.  (bsc#1092949)
- CVE-2018-7456: Prevent a NULL Pointer dereference in the function TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013 (bsc#1082825)
- CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If the value of td_imagelength is set close to the amount of system memory, it will hang the system or trigger the OOM killer (bsc#1082332)
- CVE-2018-8905: Prevent heap-based buffer overflow in the function LZWDecodeCompat via a crafted TIFF file (bsc#1086408)
- CVE-2016-8331: Prevent remote code execution because of incorrect handling of TIFF images. A crafted TIFF document could have lead to a type confusion vulnerability resulting in remote code execution. This vulnerability could have been be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality (bsc#1007276)
- CVE-2016-3632: The _TIFFVGetField function allowed remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image (bsc#974621)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1242-1
Released:    Thu Jun 28 13:44:16 2018
Summary:     Security update for procps
Type:        security
Severity:    moderate
References:  1092100,CVE-2018-1122,CVE-2018-1123,CVE-2018-1124,CVE-2018-1125,CVE-2018-1126
Description:

This update for procps fixes the following security issues:

- CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top
  with HOME unset in an attacker-controlled directory, the attacker could have
  achieved privilege escalation by exploiting one of several vulnerabilities in
  the config_file() function (bsc#1092100).
- CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow.
  Inbuilt protection in ps maped a guard page at the end of the overflowed
  buffer, ensuring that the impact of this flaw is limited to a crash (temporary
  denial of service) (bsc#1092100).
- CVE-2018-1124: Prevent multiple integer overflows leading to a heap
  corruption in file2strvec function. This allowed a privilege escalation for a
  local attacker who can create entries in procfs by starting processes, which
  could result in crashes or arbitrary code execution in proc utilities run by
  other users (bsc#1092100).
- CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was
  mitigated by FORTIFY limiting the impact to a crash (bsc#1092100).
- CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent
  truncation/integer overflow issues (bsc#1092100).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1276-1
Released:    Thu Jul  5 08:36:17 2018
Summary:     Security update for openssl
Type:        security
Severity:    moderate
References:  1097158,1097624,1098592,CVE-2018-0732
Description:

This update for openssl fixes the following issues:

- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
  ciphersuite a malicious server could have sent a very large prime value to the
  client. This caused the client to spend an unreasonably long period of time
  generating a key for this prime resulting in a hang until the client has
  finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1328-1
Released:    Tue Jul 17 08:07:57 2018
Summary:     Security update for perl
Type:        security
Severity:    important
References:  1068565,1082216,1082233,1082234,1096718,CVE-2018-12015,CVE-2018-6797,CVE-2018-6798,CVE-2018-6913
Description:

This update for perl fixes the following issues:

These security issue were fixed: 

- CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216).
- CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233).
- CVE-2018-6797: Fixed sharp-s regexp overflow (bsc#1082234).
- CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a
  directory-traversal protection mechanism and overwrite arbitrary files
  (bsc#1096718)

This non-security issue was fixed: 

- fix debugger crash in tab completion with Term::ReadLine::Gnu [bsc#1068565]


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1351-1
Released:    Thu Jul 19 09:43:21 2018
Summary:     Security update for shadow
Type:        security
Severity:    important
References:  1099310,CVE-2016-6252
Description:

This update for shadow fixes the following issues:

- CVE-2016-6252: Incorrect integer handling could results in local privilege escalation (bsc#1099310)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1400-1
Released:    Thu Jul 26 16:32:29 2018
Summary:     Security update for util-linux
Type:        security
Severity:    moderate
References:  1072947,1078662,1080740,1084300,CVE-2018-7738
Description:

This update for util-linux fixes the following issues:

This non-security issue was fixed:

- CVE-2018-7738: bash-completion/umount allowed local users to gain privileges
  by embedding shell commands in a mountpoint name, which was mishandled during a
  umount command by a different user (bsc#1084300).

These non-security issues were fixed:

- Fixed crash loop in lscpu (bsc#1072947).
- Fixed possible segfault of umount -a
- Fixed mount -a on NFS bind mounts (bsc#1080740).
- Fixed lsblk on NVMe (bsc#1078662).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1413-1
Released:    Fri Jul 27 12:41:13 2018
Summary:     Security update for libgcrypt
Type:        security
Severity:    moderate
References:  1064455,1090766,1097410,CVE-2018-0495
Description:

This update for libgcrypt fixes the following issues:

The following security vulnerability was addressed:

- CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for
  ECDSA signatures (bsc#1097410).

The following other issues were fixed:

- Extended the fipsdrv dsa-sign and dsa-verify commands with the
  --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455).
- Ensure libgcrypt20-hmac and libgcrypt20 are installed in the correct order. (bsc#1090766)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1450-1
Released:    Mon Jul 30 10:10:45 2018
Summary:     Recommended update for pam
Type:        recommended
Severity:    low
References:  1096282
Description:

This update for pam provides the following fix:

- Added  /etc/security/limits.d to the pam package. (bsc#1096282)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1549-1
Released:    Mon Aug 13 13:41:22 2018
Summary:     Recommended update for sg3_utils
Type:        recommended
Severity:    low
References:  1065448,1070431,1077787,1092640
Description:

This update for sg3_utils provides the following fix:

- Decode standard INQUIRY for CD-ROMs correctly. (bsc#1065448, bsc#1070431)
- Fix page decoding. (bsc#1077787)
- Remove initrd rebuild macros for libsgutils2 subpackage. (bsc#1092640)
- Use %post -p for ldconfig. (bsc#1092640)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1610-1
Released:    Thu Aug 16 14:04:25 2018
Summary:     Security update for libgcrypt
Type:        security
Severity:    moderate
References:  1064455,1090766,1097410,CVE-2018-0495
Description:

This update for libgcrypt fixes the following issues:

The following security vulnerability was addressed:

- CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for
  ECDSA signatures (bsc#1097410).

The following other issues were fixed:

- Extended the fipsdrv dsa-sign and dsa-verify commands with the
  --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455).
- Ensure libgcrypt20-hmac and libgcrypt20 are installed in the correct order. (bsc#1090766)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1620-1
Released:    Thu Aug 16 14:49:45 2018
Summary:     Security update for shadow
Type:        security
Severity:    important
References:  1099310,CVE-2016-6252
Description:

This update for shadow fixes the following issues:

- CVE-2016-6252: Incorrect integer handling could results in local privilege escalation (bsc#1099310)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1632-1
Released:    Thu Aug 16 15:27:04 2018
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1039099,1080382,1082004,1082485,1083158,1088052,1088769,1088890,1089761,1090785,1091265,1093851,1095096
Description:

This update for systemd fixes the following issues:

- core: In --user mode, report READY=1 as soon as basic.target is reached.
- sd-bus: Extend D-Bus authentication timeout considerably.
- scsi_id: Fixup prefix for pre-SPC inquiry reply. (bsc#1039099)
- udev: Use MAC address match only for ibmveth/ibmvnic/mlx4. (bsc#1095096)
- compat-rules: Generate more compat by-id symlinks for NVMe devices. (bsc#1095096)
- udev: Whitelist mlx4_core locally-administered MAC addresses in the persistent rule generator. (bsc#1083158)
- udev: Don't create by-partlabel/primary and .../logical symlinks. (bsc#1089761)
- rules: Add /dev/disk/by-partuuid symlinks also for dos partition tables.
- device: Make sure to always retroactively start device dependencies. (bsc#1088052)
- device: Skip deserialization of device units when udevd is not running.
- install: 'user' and 'global' scopes are equivalent for user presets. (bsc#1093851)
- install: Search preset files in /run.
- man: Updated systemd-analyze blame description for service-units with Type=simple. (bsc#1091265)
- logind: Fix crash when shutdown is not issued from a tty. (bsc#1088890)
- logind: Do not use an uninitialized variable. (bsc#1088890)
- Disable user services by default. (bsc#1090785)
- Ship 99-sysctl.conf instead of creating it during package installation/update. (bsc#1088769)
  Previously this symlink was created in /etc/sysctl.d during %post
  which made the symlink not owned and more importantly it was created
  only if /etc/sysctl.conf is already installed which is not always
  the case during the installation process it seems.
  So ship the symlink unconditionally and put it in /usr/lib/sysctl.d
  instead since it's a distro default behavior that might be overriden
  by sysadmin later.
- systemd: Add offline environmental condition to 80-acpi-container-hotplug.rules. (bsc#1080382, bsc#1082485)
  Add the offline event environmental condition to restrict the rule
  that is can only be triggered when the change event is received with
  the 'offline' environmental data. The 27664c581 'ACPI / scan: Send
  change uevent with offine environmental data' kernel patch changed
  the corresponding code in kernel.
  This change prevents the udev rules for acpi container be triggered
  by 'udevadm trigger' from user space.
- build-sys: Explicitly require python3. (bsc#1082004)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1636-1
Released:    Thu Aug 16 15:30:11 2018
Summary:     Recommended update for pam
Type:        recommended
Severity:    low
References:  1096282
Description:

This update for pam provides the following fix:

- Added  /etc/security/limits.d to the pam package. (bsc#1096282)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1689-1
Released:    Mon Aug 20 09:02:24 2018
Summary:     Recommended update for pam
Type:        recommended
Severity:    low
References:  1096282
Description:

This update for pam provides the following fix:

- Added  /etc/security/limits.d to the pam package. (bsc#1096282)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1691-1
Released:    Mon Aug 20 09:04:17 2018
Summary:     Recommended update for sg3_utils
Type:        recommended
Severity:    low
References:  1065448,1070431,1077787,1092640
Description:

This update for sg3_utils provides the following fix:

- Decode standard INQUIRY for CD-ROMs correctly. (bsc#1065448, bsc#1070431)
- Fix page decoding. (bsc#1077787)
- Remove initrd rebuild macros for libsgutils2 subpackage. (bsc#1092640)
- Use %post -p for ldconfig. (bsc#1092640)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1695-1
Released:    Mon Aug 20 09:19:20 2018
Summary:     Security update for perl
Type:        security
Severity:    important
References:  1068565,1082216,1082233,1082234,1096718,CVE-2018-12015,CVE-2018-6797,CVE-2018-6798,CVE-2018-6913
Description:

This update for perl fixes the following issues:

These security issue were fixed: 

- CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216).
- CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233).
- CVE-2018-6797: Fixed sharp-s regexp overflow (bsc#1082234).
- CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a
  directory-traversal protection mechanism and overwrite arbitrary files
  (bsc#1096718)

This non-security issue was fixed: 

- fix debugger crash in tab completion with Term::ReadLine::Gnu [bsc#1068565]


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1698-1
Released:    Mon Aug 20 09:19:28 2018
Summary:     Security update for shadow
Type:        security
Severity:    important
References:  1099310,CVE-2016-6252
Description:

This update for shadow fixes the following issues:

- CVE-2016-6252: Incorrect integer handling could results in local privilege escalation (bsc#1099310)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1834-1
Released:    Wed Sep  5 10:17:42 2018
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1089761,1090944,1101040,1103910
Description:

This update for systemd fixes the following issues:

- cryptsetup: Add support for sector-size= option. (fate#325634)
- resolved: Apply epoch to system time from PID 1. (bsc#1103910)
- core/service: Rework the hold-off time over message.
- core: Don't freeze OnCalendar= timer units when the clock goes back a lot. (bsc#1090944)
- man: SystemMaxUse= clarification in journald.conf(5). (bsc#1101040)
- Add udev.no-partlabel-links kernel command-line option. This option can be used to disable
  the generation of the by-partlabel symlinks regardless of the name used. (bsc#1089761)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1838-1
Released:    Wed Sep  5 14:08:13 2018
Summary:     Optional update for brotli
Type:        recommended
Severity:    low
References:  1106391
Description:


This update supplies the brotli compressor. (FATE#326659)

It will be used in an nginx container of CAASP 3.0
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1903-1
Released:    Fri Sep 14 12:46:21 2018
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1089533,1106019,CVE-2018-14618
Description:

This update for curl fixes the following issues:

This security issue was fixed:

- CVE-2018-14618: Prevent integer overflow in the NTLM authentication code (bsc#1106019)

This non-security issue was fixed:

- Fixed erroneous debug message when paired with OpenSSL (bsc#1089533)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1969-1
Released:    Mon Sep 24 08:06:42 2018
Summary:     Security update for libzypp, zypper
Type:        security
Severity:    important
References:  1036304,1045735,1049825,1070851,1076192,1088705,1091624,1092413,1096803,1099847,1100028,1101349,1102429,CVE-2017-9269,CVE-2018-7685
Description:

This update for libzypp, zypper fixes the following issues:

Update libzypp to version 16.17.20:

Security issues fixed:

- PackageProvider: Validate deta rpms before caching (bsc#1091624,
  bsc#1088705, CVE-2018-7685)
- PackageProvider: Validate downloaded rpm package signatures before
  caching (bsc#1091624, bsc#1088705, CVE-2018-7685)

Other bugs fixed:

- lsof: use '-K i' if lsof supports it (bsc#1099847, bsc#1036304)
- Handle http error 502 Bad Gateway in curl backend (bsc#1070851)
- RepoManager: Explicitly request repo2solv to generate application
  pseudo packages.
- libzypp-devel should not require cmake (bsc#1101349)
- HardLocksFile: Prevent against empty commit without Target having
  been been loaded (bsc#1096803)
- Avoid zombie tar processes (bsc#1076192)

Update to zypper to version 1.13.45:

Security issues fixed:

- Improve signature check callback messages (bsc#1045735, CVE-2017-9269)
- add/modify repo: Add options to tune the GPG check settings
  (bsc#1045735, CVE-2017-9269)

Other bugs fixed:

- XML <install-summary> attribute `packages-to-change` added (bsc#1102429)
- man: Strengthen that `--config FILE' affects zypper.conf,
  not zypp.conf (bsc#1100028)
- Prevent nested calls to exit() if aborted by a signal (bsc#1092413)
- ansi.h: Prevent ESC sequence strings from going out of scope (bsc#1092413)
- Fix: zypper bash completion expands non-existing options (bsc#1049825)
- Improve signature check callback messages (bsc#1045735)
- add/modify repo: Add options to tune the GPG check settings (bsc#1045735)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1985-1
Released:    Mon Sep 24 11:56:08 2018
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  1089640
Description:

This update for openldap2 provides the following fix:

- Fix slapd segfaults in mdb_env_reader_dest. (bsc#1089640)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1989-1
Released:    Mon Sep 24 12:54:37 2018
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1074186,1092480,983440,CVE-2016-5319,CVE-2017-17942,CVE-2018-10779
Description:

This update for tiff fixes the following issues:

Security issues fixed:

- CVE-2018-10779: Fixed a heap-based buffer overflow in TIFFWriteScanline()
  in tif_write.c (bsc#1092480)
- CVE-2017-17942: Fixed a heap-based buffer overflow in the function
  PackBitsEncode in tif_packbits.c. (bsc#1074186)
- CVE-2016-5319: Fixed a beap-based buffer overflow in bmp2tiff (bsc#983440)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1991-1
Released:    Mon Sep 24 12:55:19 2018
Summary:     Security update for gd
Type:        security
Severity:    moderate
References:  1105434,CVE-2018-1000222
Description:

This update for gd fixes the following issues:

Security issue fixed:

- CVE-2018-1000222: Fixed a double free vulnerability in gdImageBmpPtr() that
  could result in remote code execution. This could have been exploited via a
  specially crafted JPEG image files. (bsc#1105434)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1994-1
Released:    Mon Sep 24 12:55:57 2018
Summary:     Security update for shadow
Type:        security
Severity:    moderate
References:  1106914
Description:

This update for shadow fixes the following security issue:

- Prevent useradd from creating intermediate directories with mode 0777 (bsc#1106914)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2069-1
Released:    Fri Sep 28 08:01:25 2018
Summary:     Security update for openssl
Type:        security
Severity:    moderate
References:  1089039,1101246,1101470,1104789,1106197,997043,CVE-2018-0737
Description:

This update for openssl fixes the following issues:

These security issues were fixed:

- Prevent One&Done side-channel attack on RSA that allowed physically near
  attackers to use EM emanations to recover information (bsc#1104789)
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be
  vulnerable to a cache timing side channel attack. An attacker with sufficient
  access to mount cache timing attacks during the RSA key generation process
  could have recovered the private key (bsc#1089039)

These non-security issues were fixed:

- Add openssl(cli) Provide so the packages that require the openssl
  binary can require this instead of the new openssl meta package
  (bsc#1101470)
- Fixed path to the engines which are under /lib64 on SLE-12 (bsc#1101246,
  bsc#997043)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2162-1
Released:    Fri Oct  5 14:46:53 2018
Summary:     Recommended update for krb5
Type:        recommended
Severity:    moderate
References:  1088921
Description:

This update for krb5 provides the following fix:

- Resolve krb5 GSS credentials immediately if the application requests the lifetime.
  (bsc#1088921)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2181-1
Released:    Tue Oct  9 11:08:20 2018
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1088279,1088601,1102046,1105166,CVE-2017-18258,CVE-2018-14404,CVE-2018-14567,CVE-2018-9251
Description:

This update for libxml2 fixes the following security issues:

- CVE-2018-9251: The xz_decomp function allowed remote attackers to cause a
  denial of service (infinite loop) via a crafted XML file that triggers
  LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279).
- CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML
  file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint
  (bsc#1105166).
- CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval()
  function when parsing an invalid XPath expression in the XPATH_OP_AND or
  XPATH_OP_OR case leading to a denial of service attack (bsc#1102046).
- CVE-2017-18258: The xz_head function allowed remote attackers to cause a
  denial of service (memory consumption) via a crafted LZMA file, because the
  decoder functionality did not restrict memory usage to what is required for a
  legitimate file (bsc#1088601).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2196-1
Released:    Thu Oct 11 07:45:16 2018
Summary:     Optional update for gcc8
Type:        recommended
Severity:    low
References:  1084812,1084842,1087550,1094222,1102564
Description:


The GNU Compiler GCC 8 is being added to the Toolchain Module by this
update.

The update also supplies gcc8 compatible libstdc++, libgcc_s1 and other
gcc derived libraries for the base products of SUSE Linux Enterprise 12.

Various optimizers have been improved in GCC 8, several of bugs fixed,
quite some new warnings added and the error pin-pointing and
fix-suggestions have been greatly improved.

The GNU Compiler page for GCC 8 contains a summary of all the changes that
have happened:

        https://gcc.gnu.org/gcc-8/changes.html

Also changes needed or common pitfalls when porting software are described on:

        https://gcc.gnu.org/gcc-8/porting_to.html



-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2202-1
Released:    Thu Oct 11 20:46:27 2018
Summary:     Security update for libX11 and libxcb
Type:        security
Severity:    moderate
References:  1094327,1102062,1102068,1102073,CVE-2018-14598,CVE-2018-14599,CVE-2018-14600
Description:

This update for libX11 and libxcb fixes the following issue:

libX11:

These security issues were fixed:

- CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one
  error caused by malicious server responses, leading to DoS or possibly
  unspecified other impact (bsc#1102062).
- CVE-2018-14600: The function XListExtensions interpreted a variable as signed
  instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes),
  leading to DoS or remote code execution (bsc#1102068).
- CVE-2018-14598: A malicious server could have sent a reply in which the first
  string overflows, causing a variable to be set to NULL that will be freed later
  on, leading to DoS (segmentation fault) (bsc#1102073).

This non-security issue was fixed:

- Make use of the new 64-bit sequence number API in XCB 1.11.1 to avoid the 32-bit
  sequence number wrap in libX11 (bsc#1094327).

libxcb:

- Expose 64-bit sequence number from XCB API so that Xlib and others can use it even
  on 32-bit environment. (bsc#1094327)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2217-1
Released:    Fri Oct 12 15:07:24 2018
Summary:     Recommended update for bash
Type:        recommended
Severity:    moderate
References:  1094121,1107430
Description:

This update for bash provides the following fixes:

- Fix an inconsistent behaviour regarding expansion of here strings. (bsc#1094121)
- Fix mis-matching of null string with '*' pattern. (bsc#1107430)
- Fix a crash when the lastpipe option is enabled.
- Fix a typo that was preventing the `compat42' shopt option from working as intended.
- Help the shell to process any pending traps at redirection.
- Fix a crashe due to incorrect conversion from an indexed to associative array.
- Avoid the expansion of escape sequences in HOSTNAME in prompt.
- Avoid `xtrace' attack over $PS4.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2373-1
Released:    Mon Oct 22 14:43:47 2018
Summary:     Security update for rpm
Type:        security
Severity:    moderate
References:  1077692,943457,CVE-2017-7500,CVE-2017-7501
Description:

This update for rpm fixes the following issues:

These security issues were fixed:

- CVE-2017-7500: rpm did not properly handle RPM installations when a
  destination path was a symbolic link to a directory, possibly changing
  ownership and permissions of an arbitrary directory, and RPM files being placed
  in an arbitrary destination (bsc#943457).
- CVE-2017-7501: rpm used temporary files with predictable names when
  installing an RPM. An attacker with ability to write in a directory where files
  will be installed could create symbolic links to an arbitrary location and
  modify content, and possibly permissions to arbitrary files, which could be
  used for denial of service or possibly privilege escalation (bsc#943457)

This non-security issue was fixed:

- Use ksym-provides tool [bsc#1077692]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2375-1
Released:    Mon Oct 22 15:30:22 2018
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1106853,1108627,1108637,1110358,CVE-2017-11613,CVE-2017-9935,CVE-2018-16335,CVE-2018-17100,CVE-2018-17101,CVE-2018-17795
Description:

This update for tiff fixes the following issues:

- CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108637)
- CVE-2018-17101: There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108627)
- CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)
- CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. (bsc#1106853)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2435-1
Released:    Wed Oct 24 14:42:43 2018
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1015254,1091677,1093753,1105031,1107640,1107941,1109197,991901
Description:

This update for systemd fixes the following issues:

- detect-virt: do not try to read all of /proc/cpuinfo (bsc#1109197)
- emergency: make sure console password agents don't interfere with the emergency shell
- units: remove udev control socket when systemd stops the socket unit (#4039) (bsc#1015254)
- man: document that 'nofail' also has an effect on ordering
- journald: take leading spaces into account in syslog_parse_identifier
- journal: do not remove multiple spaces after identifier in syslog message
- syslog: fix segfault in syslog_parse_priority()
- journal: fix syslog_parse_identifier()
- tmpfiles: don't adjust qgroups on existing subvolumes (bsc#1093753)
- socket-util: attempt SO_RCVBUFFORCE/SO_SNDBUFFORCE only if SO_RCVBUF/SO_SNDBUF fails (bsc#991901)
- user at .service: don't kill user manager at runlevel switch (bsc#1091677)
- units: make sure user at .service runs with dbus still up
- fix race between daemon-reload and other commands (bsc#1105031)
- nspawn: always use mode 555 for /sys (bsc#1107640)
- cryptsetup: do not define arg_sector_size if libgcrypt is v1.x (#9990)
- Enable or disable machines.target according to the presets (bsc#1107941)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2475-1
Released:    Thu Oct 25 16:56:24 2018
Summary:     Recommended update for libzypp
Type:        recommended
Severity:    moderate
References:  1099982,1109877,408814,556664,939392
Description:

This update for libzypp fixes the following issues:

- Add filesize check for downloads with known size (bsc#408814)
- Fix conversion of string and glob to regex when compiling queries
  (bsc#1099982, bsc#939392, bsc#556664)
- Fix blocking wait for finished child process (bsc#1109877)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2488-1
Released:    Fri Oct 26 12:39:59 2018
Summary:     Recommended update for cpio
Type:        recommended
Severity:    low
References:  1076810,889138
Description:

This update for cpio provides the following fix:

- Remove an obsolete patch that was causing cpio not to preserve folder permissions.
  (bsc#1076810, bsc#889138)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2516-1
Released:    Mon Oct 29 16:14:48 2018
Summary:     Recommended update for console-setup, kbd
Type:        recommended
Severity:    moderate
References:  1010880,1027379,1056449,1062303,1069468,1085432,360993,675317,825385,830805,958562,963942,984958
Description:

This update for kbd and console-setup provides the following fixes:

Changes in console-setup:

- Add console-setup to SLE 12 to make it possible for kbd to provide converted X keymaps.
  (fate#325454, fate#318426)
- Make the package build reproducible. (bsc#1062303)
- Removed unneeded requires to kbd in order to resolve build cycle between kbd and
  console-setup. (bsc#963942)

Changes in kbd:
- Update to version 2.0.4, including the following fixes (FATE#325454):
    * Disable characters greater than or equal to =U+F000 as they do not work properly.
      (bsc#1085432)
    * Move initial NumLock handling from systemd back to kbd:
      * Add kbdsettings service. (bsc#1010880)
      * Exclude numlockbios support for non x86 platforms
    * Drop references to KEYTABLE and COMPOSETABLE. (bsc#1010880)
    * Drop from some fill-up templates and a couple of sysconfig variables not read by
      systemd anymore. (fate#319454)
    * Replace references to /var/adm/fillup-templates with new %_fillupdir macro. (bsc#1069468)
    * Add vlock.pamd PAM file. (bsc#1056449)
    * Enable vlock (bsc#1056449).
    * Revert dropping of kdb-legacy requirement as there are still packages and installation
      flows that needs this to be present. (bsc#1027379)
    * Fix data/keymaps/i386/querty/br-abnt2.map. (bsc#984958)
    * Fix missing dependency on coreutils for initrd macros. (bsc#958562)
    * Call missing initrd macro at postun. (bsc#958562)
    * Add the genmap4systemd.sh tool to generate entries for systemd's kbd-model-map table
      from xkeyboard-config converted keymaps. (fate#318426)
    * genmap4systemd.sh: Use 'abnt2' model for 'br' layouts, 'jp106' model for 'jp' layouts
      and 'microsoftpro' for anything else (instead of 'pc105' previously used). (fate#318426)
    * Include xkb layouts from xkeyboard-config converted to console
      keymaps. (fate#318426)
    * euro.map, euro1.map and euro2.map now produce correct unicode character for Euro sign.
      (bsc#360993)
    * Drop doshell reference from openvt.1 man page. (bsc#675317)
    * Drop the --userwait option as it is not used. (bsc#830805)
    * Fix a typo in the mac-querty-layout.inc. (bsc#825385)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2525-1
Released:    Tue Oct 30 09:22:45 2018
Summary:     Recommended update for bash
Type:        recommended
Severity:    important
References:  1113117
Description:

This update for bash fixes the following issues:

  Recently released update introduced a change of behavior which
  resulted in broken customers scripts. (bsc#1113117)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2563-1
Released:    Fri Nov  2 17:09:49 2018
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1112758,1113660,CVE-2018-16840,CVE-2018-16842
Description:

This update for curl fixes the following issues:

- CVE-2018-16840: A use after free in closing SASL handles was fixed (bsc#1112758)
- CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2567-1
Released:    Fri Nov  2 18:59:06 2018
Summary:     Recommended update for apparmor
Type:        recommended
Severity:    moderate
References:  1047937,1057150,1057900,1099452,906858
Description:


This update for apparmor provides the following fixes:

- Add profile for usr.bin.lessopen.sh (bsc#906858)
- Fix dovecot apparmor profile (bsc#1057150)
- Fix creating profile rules from scanned logs when the chown operation is used (bsc#1047937)
- Fix the traceroute profile to allow ipv6 usage (bsc#1057900)
- Fix duplicate entry of capability when performing aa-logprof (bsc#1099452)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2593-1
Released:    Wed Nov  7 11:04:00 2018
Summary:     Recommended update for rpm
Type:        recommended
Severity:    moderate
References:  1095148,1113100
Description:

This update for rpm fixes the following issues:

- Fix superfluous TOC. dependency on PowerPC64 (bsc#1113100)
- Update to current find-provides.ksyms and find-requires.ksyms
  scripts (bsc#1095148)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2659-1
Released:    Wed Nov 14 14:14:41 2018
Summary:     Security update for systemd
Type:        security
Severity:    important
References:  1106923,1108835,1109252,1110445,1111278,1112024,1113083,1113632,1113665,CVE-2018-15686,CVE-2018-15688
Description:


This update for systemd fixes the following issues:

Security issues fixed:

- CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. (bsc#1113632)
- CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. (bsc#1113665)

Non-security issues fixed:

- dhcp6: split assert_return() to be more debuggable when hit
- core: skip unit deserialization and move to the next one when unit_deserialize() fails
- core: properly handle deserialization of unknown unit types (#6476)
- core: don't create Requires for workdir if 'missing ok' (bsc#1113083)
- logind: use manager_get_user_by_pid() where appropriate
- logind: rework manager_get_{user|session}_by_pid() a bit
- login: fix user at .service case, so we don't allow nested sessions (#8051) (bsc#1112024)
- core: be more defensive if we can't determine per-connection socket peer (#7329)
- socket-util: introduce port argument in sockaddr_port()
- service: fixup ExecStop for socket-activated shutdown (#4120)
- service: Continue shutdown on socket activated unit on termination (#4108) (bsc#1106923)
- cryptsetup: build fixes for 'add support for sector-size= option'
- udev-rules: IMPORT cmdline does not recognize keys with similar names (bsc#1111278)
- core: keep the kernel coredump defaults when systemd-coredump is disabled
- core: shorten main() a bit, split out coredump initialization
- core: set RLIMIT_CORE to unlimited by default (bsc#1108835)
- core/mount: fstype may be NULL
- journald: don't ship systemd-journald-audit.socket (bsc#1109252)
- core: make 'tmpfs' dependencies on swapfs a 'default' dep, not an 'implicit' (bsc#1110445)
- mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076)
- tmp.mount.hm4: After swap.target (#3087)

- Ship systemd-sysv-install helper via the main package
  This script was part of systemd-sysvinit sub-package but it was
  wrong since systemd-sysv-install is a script used to redirect
  enable/disable operations to chkconfig when the unit targets are
  sysv init scripts. Therefore it's never been a SySV init tool.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2760-1
Released:    Thu Nov 22 16:25:38 2018
Summary:     Security update for openssl
Type:        security
Severity:    moderate
References:  1112209,1113534,1113652,1113742,CVE-2018-0734,CVE-2018-5407
Description:

This update for openssl fixes the following issues:

Security issues fixed:

- CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).
- CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).
- Add missing timing side channel patch for DSA signature generation (bsc#1113742).

Non-security issues fixed:

- Fixed infinite loop in DSA generation with incorrect parameters (bsc#1112209).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2766-1
Released:    Fri Nov 23 17:07:27 2018
Summary:     Security update for rpm
Type:        security
Severity:    important
References:  943457,CVE-2017-7500,CVE-2017-7501
Description:

This update for rpm fixes the following issues:

These security issues were fixed:

- CVE-2017-7500: rpm did not properly handle RPM installations when a
  destination path was a symbolic link to a directory, possibly changing
  ownership and permissions of an arbitrary directory, and RPM files being placed
  in an arbitrary destination (bsc#943457).
- CVE-2017-7501: rpm used temporary files with predictable names when
  installing an RPM. An attacker with ability to write in a directory where files
  will be installed could create symbolic links to an arbitrary location and
  modify content, and possibly permissions to arbitrary files, which could be
  used for denial of service or possibly privilege escalation (bsc#943457)

This is a reissue of the above security fixes for SUSE Linux Enterprise 12 GA, SP1 and SP2 LTSS,
they have already been released for SUSE Linux Enterprise Server 12 SP3.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1697-1
Released:    Fri Nov 23 17:08:32 2018
Summary:     Security update for libgcrypt
Type:        security
Severity:    moderate
References:  1064455,1090766,1097410,CVE-2018-0495
Description:

This update for libgcrypt fixes the following issues:

The following security vulnerability was addressed:

- CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for
  ECDSA signatures (bsc#1097410).

The following other issues were fixed:

- Extended the fipsdrv dsa-sign and dsa-verify commands with the
  --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455).
- Ensure libgcrypt20-hmac and libgcrypt20 are installed in the correct order. (bsc#1090766)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1696-1
Released:    Mon Nov 26 17:46:39 2018
Summary:     Security update for procps
Type:        security
Severity:    moderate
References:  1092100,CVE-2018-1122,CVE-2018-1123,CVE-2018-1124,CVE-2018-1125,CVE-2018-1126
Description:

This update for procps fixes the following security issues:

- CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top
  with HOME unset in an attacker-controlled directory, the attacker could have
  achieved privilege escalation by exploiting one of several vulnerabilities in
  the config_file() function (bsc#1092100).
- CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow.
  Inbuilt protection in ps maped a guard page at the end of the overflowed
  buffer, ensuring that the impact of this flaw is limited to a crash (temporary
  denial of service) (bsc#1092100).
- CVE-2018-1124: Prevent multiple integer overflows leading to a heap
  corruption in file2strvec function. This allowed a privilege escalation for a
  local attacker who can create entries in procfs by starting processes, which
  could result in crashes or arbitrary code execution in proc utilities run by
  other users (bsc#1092100).
- CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was
  mitigated by FORTIFY limiting the impact to a crash (bsc#1092100).
- CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent
  truncation/integer overflow issues (bsc#1092100).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2782-1
Released:    Mon Nov 26 17:46:59 2018
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1099257,1113094,1113672,CVE-2018-12900,CVE-2018-18557,CVE-2018-18661
Description:

This update for tiff fixes the following issues:

Security issues fixed:

- CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257).                                                                                             
- CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672).                                                                               
- CVE-2018-18557: Fixed JBIG decode can lead to out-of-bounds write (bsc#1113094).

Non-security issues fixed:

- asan_build: build ASAN included
- debug_build: build more suitable for debugging

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1618-1
Released:    Tue Nov 27 13:39:49 2018
Summary:     Security update for util-linux
Type:        security
Severity:    moderate
References:  1072947,1078662,1080740,1084300,CVE-2018-7738
Description:

This update for util-linux fixes the following issues:

This non-security issue was fixed:

- CVE-2018-7738: bash-completion/umount allowed local users to gain privileges
  by embedding shell commands in a mountpoint name, which was mishandled during a
  umount command by a different user (bsc#1084300).

These non-security issues were fixed:

- Fixed crash loop in lscpu (bsc#1072947).
- Fixed possible segfault of umount -a
- Fixed mount -a on NFS bind mounts (bsc#1080740).
- Fixed lsblk on NVMe (bsc#1078662).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2824-1
Released:    Mon Dec  3 15:34:09 2018
Summary:     Security update for ncurses
Type:        security
Severity:    important
References:  1115929,CVE-2018-19211
Description:

This update for ncurses fixes the following issue:

Security issue fixed:

- CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2836-1
Released:    Wed Dec  5 09:29:31 2018
Summary:     Recommended update for apparmor
Type:        recommended
Severity:    moderate
References:  1111965,1113125
Description:

This update for apparmor fixes the following issues:

- Systemd aware apparmor.spec, remove old insserv from spec file (bsc#1113125)
- Fix warnings produced because of use of uninitialized variables (bsc#1111965)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2840-1
Released:    Wed Dec  5 09:57:54 2018
Summary:     Recommended update for permissions
Type:        recommended
Severity:    moderate
References:  1028304,1047247,1050467,1097665,1111251
Description:

This update for permissions fixes the following issues:

- Allow setuid root for start-suid tool of singularity (group only) bsc#1028304
- Allow setuid root for authbind binary (bsc#1111251)
- A incorrect error message was adjusted (bsc#1047247 bsc#1097665)
- Make btmp root:utmp (bsc#1050467)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2841-1
Released:    Wed Dec  5 09:59:45 2018
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1105236,1110661,1112858
Description:

This update for glibc fixes the following issues:

- Added more checks for valid ld.so.cache file (bsc#1110661)
- Rewrite elf_machine_load_address using _DYNAMIC symbol (bsc#1112858)
- Always use __IPC_64 on powerpc as required by the kernel (bsc#1105236)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2906-1
Released:    Tue Dec 11 21:48:05 2018
Summary:     Recommended update for blog
Type:        recommended
Severity:    moderate
References:  1071568
Description:

This update for blog fixes the following issues:

- Hardening of the console list generation (bsc#1071568)
- Changed description of blog-plymouth in same manner as used by the release notes

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2947-1
Released:    Mon Dec 17 08:51:28 2018
Summary:     Security update for openldap2
Type:        security
Severity:    moderate
References:  1073313,CVE-2017-17740
Description:

This update for openldap2 fixes the following issues:

Security issue fixed:

- CVE-2017-17740: When both the nops module and the memberof overlay
  are enabled, attempts to free a buffer that was allocated on the stack,
  which allows remote attackers to cause a denial of service (slapd crash)
  via a member MODDN operation.  (bsc#1073313)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2991-1
Released:    Wed Dec 19 14:17:13 2018
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1017693,1054594,1115717,990460,CVE-2016-10092,CVE-2016-10093,CVE-2016-10094,CVE-2016-6223,CVE-2017-12944,CVE-2018-19210
Description:

This update for tiff fixes the following issues:

Security issues fixed:                                   
    
- CVE-2018-19210: Fixed NULL pointer dereference in the TIFFWriteDirectorySec function (bsc#1115717).
- CVE-2017-12944: Fixed denial of service issue in the TIFFReadDirEntryArray function (bsc#1054594).
- CVE-2016-10094: Fixed heap-based buffer overflow in the _tiffWriteProc function (bsc#1017693).
- CVE-2016-10093: Fixed heap-based buffer overflow in the _TIFFmemcpy function (bsc#1017693).
- CVE-2016-10092: Fixed heap-based buffer overflow in the TIFFReverseBits function (bsc#1017693).
- CVE-2016-6223: Fixed out-of-bounds read on memory-mapped files in TIFFReadRawStrip1() and TIFFReadRawTile1() (bsc#990460).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:3029-1
Released:    Fri Dec 21 17:34:05 2018
Summary:     Recommended update for libgcrypt
Type:        recommended
Severity:    moderate
References:  1117355
Description:

This update for libgcrypt provides the following fix:

- Fail selftests when checksum file is missing in FIPS mode only. (bsc#1117355)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:43-1
Released:    Tue Jan  8 13:07:17 2019
Summary:     Recommended update for acl
Type:        recommended
Severity:    low
References:  953659
Description:

This update for acl fixes the following issues:

- quote: Escape literal backslashes (bsc#953659).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:111-1
Released:    Thu Jan 17 14:18:31 2019
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1120489,CVE-2018-20217
Description:

This update for krb5 fixes the following issues:

Security issue fixed:

- CVE-2018-20217: Fixed an assertion issue with older encryption types (bsc#1120489)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:135-1
Released:    Mon Jan 21 13:53:58 2019
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1005023,1076696,1101591,1114981,1115518,1119971,1120323,CVE-2018-16864,CVE-2018-16865,CVE-2018-16866
Description:

This update for systemd provides the following fixes:

Security issues fixed:

- CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)
- CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)
- Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)

Non-security issues fixed:

- core: Queue loading transient units after setting their properties. (bsc#1115518)
- logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)
- terminal-util: introduce vt_release() and vt_restore() helpers.
- terminal: Unify code for resetting kbd utf8 mode a bit.
- terminal Reset should honour default_utf8 kernel setting.
- logind: Make session_restore_vt() static.
- udev: Downgrade message when settting inotify watch up fails. (bsc#1005023)
- log: Never log into foreign fd #2 in PID 1 or its pre-execve() children. (bsc#1114981)
- udev: Ignore the exit code of systemd-detect-virt for memory hot-add.  In SLE-12-SP3,
  80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to
  detect non-zvm environment. The systemd-detect-virt returns exit failure code when it
  detected _none_ state.  The exit failure code causes that the hot-add memory block can
  not be set to online. (bsc#1076696)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:143-1
Released:    Tue Jan 22 14:21:55 2019
Summary:     Recommended update for ncurses
Type:        recommended
Severity:    important
References:  1121450
Description:


This update for ncurses fixes the following issues:

- ncurses applications freezing (bsc#1121450)



More information about the sle-security-updates mailing list