SUSE-SU-2013:1750-1: important: Security update for Real Time Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Fri Nov 22 00:04:27 MST 2013


   SUSE Security Update: Security update for Real Time Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:1750-1
Rating:             important
References:         #754690 #763463 #794824 #797526 #800875 #804950 
                    #808079 #816099 #820848 #821259 #821465 #821948 
                    #822433 #822942 #825291 #826102 #827246 #827416 
                    #827966 #828714 #828894 #829682 #830985 #831029 
                    #831143 #831380 #832292 #833097 #833151 #833321 
                    #833588 #833635 #833820 #833858 #834204 #834600 
                    #834905 #835094 #835189 #835684 #835930 #836218 
                    #836347 #836801 #837372 #837596 #837741 #837803 
                    #838346 #838448 #839407 #839973 #840830 #841050 
                    #841094 #841402 #841498 #841656 #842057 #842063 
                    #842604 #842820 #843429 #843445 #843642 #843645 
                    #843732 #843753 #843950 #844513 #845352 #847319 
                    
Cross-References:   CVE-2013-2206
Affected Products:
                    SUSE Linux Enterprise Real Time Extension 11 SP3
______________________________________________________________________________

   An update that solves one vulnerability and has 71 fixes is
   now available. It includes one version update.

Description:


   The SUSE Linux Enterprise 11 Service Pack 3 RealTime
   Extension kernel was  updated to version 3.0.101 to fix
   various bugs and security issues.

   The following features have been added:

   * Drivers: hv: Support handling multiple VMBUS versions
   (FATE#314665).
   * Drivers: hv: Save and export negotiated vmbus version
   (FATE#314665).
   * Drivers: hv: Move vmbus version definitions to
   hyperv.h (FATE#314665).

   The following security issue has been fixed:

   * CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function
   in net/sctp/sm_statefuns.c in the SCTP implementation in
   the Linux kernel did not properly handle associations
   during the processing of a duplicate COOKIE ECHO chunk,
   which allowed remote attackers to cause a denial of service
   (NULL pointer dereference and system crash) or possibly
   have unspecified other impact via crafted SCTP traffic.
   (bnc#826102)

   The following non-security bugs have been fixed:

   * kernel: sclp console hangs (bnc#841498, LTC#95711).
   * kernel: allow program interruption filtering in user
   space (bnc#837596, LTC#97332).
   * Audit: do not print error when LSMs disabled
   (bnc#842057).
   * i2c: ismt: initialize DMA buffer (bnc#843753).
   * powerpc/irq: Run softirqs off the top of the irq
   stack (bnc#847319).
   * softirq: reduce latencies (bnc#797526).
   * softirq: Fix lockup related to stop_machine being
   stuck in __do_softirq (bnc#797526).
   * thp: reduce khugepaged freezing latency (khugepaged
   blocking suspend-to-ram (bnc#825291)).
   * X.509: Remove certificate date checks (bnc#841656).
   * splice: fix racy pipe->buffers uses (bnc#827246).
   * blktrace: fix race with open trace files and
   directory removal (bnc#832292).
   * writeback: Do not sync data dirtied after sync start
   (bnc#833820).
   * elousb: some systems cannot stomach work around
   (bnc#840830).
   * bounce: allow use of bounce pool via config option
   (Bounce memory pool initialisation (bnc#836347)).
   * block: initialize the bounce pool if high memory may
   be added later (Bounce memory pool initialization
   (bnc#836347)).
   * config/debug: Enable FSCACHE_DEBUG and
   CACHEFILES_DEBUG (bnc#837372).
   * xhci: Fix spurious wakeups after S5 on Haswell
   (bnc#833097).
   * cio: add message for timeouts on internal I/O
   (bnc#837741,LTC#97048).
   * elousb: some systems cannot stomach work around
   (bnc#830985).
   * s390/cio: handle unknown pgroup state
   (bnc#837741,LTC#97048).
   * s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).
   * s390/cio: skip broken paths (bnc#837741,LTC#97048).
   * s390/cio: dont abort verification after missing irq
   (bnc#837741,LTC#97048).
   * bio-integrity: track owner of integrity payload
   (bnc#831380).
   * iommu/vt-d: add quirk for broken interrupt remapping
   on 55XX chipsets (bnc#844513).
   * x86/iommu/vt-d: Expand interrupt remapping quirk to
   cover x58 chipset (bnc#844513).
   * iommu/vt-d: Only warn about broken interrupt
   remapping (bnc#844513).
   * iommu: Remove stack trace from broken irq remapping
   warning (bnc#844513).
   * intel-iommu: Fix leaks in pagetable freeing
   (bnc#841402).
   * mm: Do not walk all of system memory during show_mem
   (Reduce tasklist_lock hold times (bnc#821259)).
   * mm, memcg: introduce own oom handler to iterate only
   over its own threads.
   * mm, memcg: move all oom handling to memcontrol.c.
   * mm, oom: avoid looping when chosen thread detaches
   its mm.
   * mm, oom: fold oom_kill_task() into oom_kill_process().
   * mm, oom: introduce helper function to process threads
   during scan.
   * mm, oom: reduce dependency on tasklist_lock. (Reduce
   tasklist_lock hold times (bnc#821259).
   * mm: vmscan: Do not continue scanning if reclaim was
   aborted for compaction (Limit reclaim in the preserve of IO
   (bnc#754690)).
   * mm: vmscan: take page buffers dirty and locked state
   into account (Limit reclaim in the preserve of IO
   (bnc#754690)).
   * mm: vmscan: treat pages marked for immediate reclaim
   as zone congestion (Limit reclaim in the preserve of IO
   (bnc#754690)).
   * mm: vmscan: move direct reclaim wait_iff_congested
   into shrink_list (Limit reclaim in the preserve of IO
   (bnc#754690)).
   * mm: vmscan: set zone flags before blocking (Limit
   reclaim in the preserve of IO (bnc#754690)).
   * mm: vmscan: stall page reclaim after a list of pages
   have been processed (Limit reclaim in the preserve of IO
   (bnc#754690)).
   * mm: vmscan: stall page reclaim and writeback pages
   based on dirty/writepage pages encountered (Limit reclaim
   in the reserve of IO (bnc#754690)).
   * mm/pagewalk.c: walk_page_range should avoid VM_PFNMAP
   areas (bnc#822942).
   * Update EC2 config files (STRICT_DEVMEM off,
   bnc#843732).
   * Fixed Xen guest freezes (bnc#829682, bnc#842063).
   * rcu: Do not trigger false positive RCU stall
   detection (bnc#834204).
   * libata: Set proper SK when CK_COND is set
   (bnc#833588).
   * libata: Set proper Sense Key for Check Condition
   (bnc#833588).
   * lib/radix-tree.c: make radix_tree_node_alloc() work
   correctly within interrupt (bnc#763463).
   * md: Throttle number of pending write requests in
   md/raid10 (bnc#833858).
   * dm: ignore merge_bvec for snapshots when safe
   (bnc#820848).
   * fs: do_add_mount()/umount -l races (bnc#836801).
   * SUNRPC: close a rare race in xs_tcp_setup_socket
   (bnc#794824).
   * NFS: make nfs_flush_incompatible more generous
   (bnc#816099).
   * NFS: don't try to use lock state when we hold a
   delegation (bnc#831029).
   * NFS: nfs_lookup_revalidate(): fix a leak (bnc#828894).
   * cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields
   (bnc#804950).
   * xfs: growfs: use uncached buffers for new headers
   (bnc#842604).
   * xfs: avoid double-free in xfs_attr_node_addname.
   * xfs: Check the return value of xfs_buf_get()
   (bnc#842604).
   * cifs: revalidate directories instiantiated via FIND_*
   in order to handle DFS referrals (bnc#831143).
   * cifs: don't instantiate new dentries in readdir for
   inodes that need to be revalidated immediately (bnc#831143).
   * cifs: rename cifs_readdir_lookup to cifs_prime_dcache
   and make it void return (bnc#831143).
   * cifs: get rid of blind d_drop() in readdir
   (bnc#831143).
   * cifs: cleanup cifs_filldir (bnc#831143).
   * cifs: on send failure, readjust server sequence
   number downward (bnc#827966).
   * cifs: adjust sequence number downward after signing
   NT_CANCEL request (bnc#827966).
   * cifs: on send failure, readjust server sequence
   number downward (bnc#827966).
   * cifs: adjust sequence number downward after signing
   NT_CANCEL request (bnc#827966).
   * reiserfs: fix race with flush_used_journal_lists and
   flush_journal_list (bnc#837803).
   * reiserfs: remove useless flush_old_journal_lists.
   * mvsas: add support for 9480 device id (bnc#843950).
   * drm/i915: Disable GGTT PTEs on GEN6+ suspend
   (bnc#800875).
   * drm/i915/hsw: Disable L3 caching of atomic memory
   operations (bnc#800875).
   * r8169: fix argument in rtl_hw_init_8168g
   (bnc#845352,bnc#842820).
   * r8169: support RTL8168G (bnc#845352,bnc#842820).
   * r8169: abstract out loop conditions
   (bnc#845352,bnc#842820).
   * r8169: mdio_ops signature change
   (bnc#845352,bnc#842820).
   * megaraid_sas: Disable controller reset for ppc
   (bnc#841050).
   * scsi_dh_alua: simplify alua_check_sense()
   (bnc#843642).
   * scsi_dh_alua: Fix missing close brace in
   alua_check_sense (bnc#843642).
   * scsi_dh_alua: retry command on 'mode parameter
   changed' sense code (bnc#843645).
   * scsi_dh_alua: invalid state information for
   'optimized' paths (bnc#843445).
   * scsi_dh_alua: reattaching device handler fails with
   'Error 15' (bnc#843429).
   * iscsi: don't hang in endless loop if no targets
   present (bnc#841094).
   * scsi_dh_alua: Allow get_alua_data() to return NULL
   (bnc#839407).
   * quirks: add touchscreen that is dazzeled by remote
   wakeup (bnc#835930).
   * bnx2x: Change to D3hot only on removal (bnc#838448).
   * tty/hvc_iucv: Disconnect IUCV connection when
   lowering DTR (bnc#839973,LTC#97595).
   * tty/hvc_console: Add DTR/RTS callback to handle HUPCL
   control (bnc#839973,LTC#97595).
   * series.conf: disable XHCI ring expansion patches
   because on machines with large memory they cause a
   starvation problem (bnc#833635)
   * Drivers: hv: util: Fix a bug in version negotiation
   code for util services (bnc#828714).
   * Drivers: hv: util: Correctly support ws2008R2 and
   earlier (bnc#838346).
   * Drivers: hv: vmbus: Do not attempt to negoatiate a
   new version prematurely.
   * Drivers: hv: util: Correctly support ws2008R2 and
   earlier (bnc#838346).
   * Drivers: hv: vmbus: Terminate vmbus version
   negotiation on timeout.
   * Drivers: hv: util: Fix a bug in version negotiation
   code for util services (bnc#828714).
   * Drivers: hv: balloon: Initialize the transaction ID
   just before sending the packet.
   * Drivers: hv: remove HV_DRV_VERSION.
   * Drivers: hv: vmbus: Fix a bug in the handling of
   channel offers.
   * Drivers: hv: util: Fix a bug in util version
   negotiation code (bnc#838346).
   * mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in
   mlx4_ib_create_qp() (bnc#822433).
   * drm/i915: disable sound first on intel_disable_ddi
   (bnc#833151).
   * ALSA: hda - Re-setup HDMI pin and audio infoframe on
   stream switches (bnc#833151).
   * drm/i915: HDMI/DP - ELD info refresh support for
   Haswell (bnc#833151).
   * drm/cirrus: This is a cirrus version of Egbert Eich's
   patch for mgag200 (bnc#808079).
   * vmxnet3: prevent div-by-zero panic when ring resizing
   uninitialized dev (bnc#833321).
   * net/mlx4_en: Fix BlueFlame race (bnc#835684).
   * be2net: Check for POST state in suspend-resume
   sequence (bnc#835189).
   * be2net: bug fix on returning an invalid nic
   descriptor (bnc#835189).
   * be2net: provision VF resources before enabling SR-IOV
   (bnc#835189).
   * be2net: Fix firmware download for Lancer (bnc#835189).
   * be2net: Fix to use version 2 of cq_create for
   SkyHawk-R devices (bnc#835189).
   * be2net: Use GET_FUNCTION_CONFIG V1 cmd (bnc#835189).
   * be2net: Avoid flashing BE3 UFI on BE3-R chip
   (bnc#835189).
   * be2net: Use TXQ_CREATE_V2 cmd (bnc#835189).
   * ipv6: don't call fib6_run_gc() until routing is ready
   (bnc#836218).
   * ipv6: prevent fib6_run_gc() contention (bnc#797526).
   * ipv6: update ip6_rt_last_gc every time GC is run
   (bnc#797526).
   * netfilter: nf_conntrack: use RCU safe kfree for
   conntrack extensions (bnc#827416 bko#60853
   bugzilla.netfilter.org:714).
   * netfilter: prevent race condition breaking net
   reference counting (bnc#835094).
   * sctp: deal with multiple COOKIE_ECHO chunks
   (bnc#826102).
   * net: remove skb_orphan_try() (bnc#834600).
   * bonding: check bond->vlgrp in bond_vlan_rx_kill_vid()
   (bnc#834905).
   * tools: hv: Improve error logging in VSS daemon.
   * tools: hv: Check return value of poll call.
   * tools: hv: Check return value of setsockopt call.
   * Tools: hv: fix send/recv buffer allocation.
   * Tools: hv: check return value of daemon to fix
   compiler warning.
   * Tools: hv: in kvp_set_ip_info free mac_addr right
   after usage.
   * Tools: hv: check return value of system in
   hv_kvp_daemon.
   * Tools: hv: correct payload size in netlink_send.
   * Tools: hv: use full nlmsghdr in netlink_send.
   * rpm/old-flavors, rpm/mkspec: Add version information
   to obsolete flavors (bnc#821465).
   * rpm/kernel-binary.spec.in: Move the xenpae obsolete
   to the old-flavors file.
   * rpm/old-flavors: Convert the old-packages.conf file
   to a flat list.
   * rpm/old-packages.conf: Drop bogus obsoletes for "smp"
   (bnc#821465).
   * rpm/kernel-binary.spec.in: Make sure that all KMP
   obsoletes are versioned (bnc#821465).
   * rpm/kernel-binary.spec.in: Remove unversioned
   provides/obsoletes for packages that were only seen in
   openSUSE releases up to 11.0. (bnc#821465).
   * sched/workqueue: Only wake up idle workers if not
   blocked on sleeping spin lock.
   * genirq: Set irq thread to RT priority on creation.
   * timers: prepare for full preemption improve.
   * kernel/cpu: fix cpu down problem if kthread's cpu is
   going down.
   * kernel/hotplug: restore original cpu mask oncpu/down.
   * drm/i915: drop trace_i915_gem_ring_dispatch on rt.
   * rt,ntp: Move call to schedule_delayed_work() to
   helper thread.
   * hwlat-detector: Update hwlat_detector to add outer
   loop detection.
   * hwlat-detect/trace: Export trace_clock_local for
   hwlat-detector.
   * hwlat-detector: Use trace_clock_local if available.
   * hwlat-detector: Use thread instead of stop machine.
   * genirq: do not invoke the affinity callback via a
   workqueue.
   * Btrfs: fix negative qgroup tracking from owner
   accounting (bnc#821948).
   * Btrfs: add missing error checks to
   add_data_references.
   * Btrfs: change how we queue blocks for backref
   checking.
   * Btrfs: add missing error handling to read_tree_block.
   * Btrfs: handle errors when doing slow caching.
   * Btrfs: fix inode leak on kmalloc failure in
   tree-log.c.
   * Btrfs: don't ignore errors from
   btrfs_run_delayed_items.
   * Btrfs: fix oops when writing dirty qgroups to disk.
   * Btrfs: do not clear our orphan item runtime flag on
   eexist.
   * Btrfs: remove ourselves from the cluster list under
   lock.
   * Btrfs: remove unnecessary ->s_umount in
   cleaner_kthread().
   * Btrfs: make the cleaner complete early when the fs is
   going to be umounted.
   * Btrfs: move the R/O check out of
   btrfs_clean_one_deleted_snapshot().
   * Btrfs: make the snap/subv deletion end more early
   when the fs is R/O.
   * Btrfs: optimize key searches in btrfs_search_slot.
   * Btrfs: fix printing of non NULL terminated string.
   * Btrfs: fix memory leak of orphan block rsv.
   * Btrfs: don't miss inode ref items in
   BTRFS_IOC_INO_LOOKUP.
   * Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP
   handler.
   * Btrfs: fix the error handling wrt orphan items.
   * Btrfs: don't allow a subvol to be deleted if it is
   the default subovl.
   * Btrfs: return ENOSPC when target space is full.
   * Btrfs: don't bug_on when we fail when cleaning up
   transactions.
   * Btrfs: add missing mounting options in
   btrfs_show_options().
   * Btrfs: use u64 for subvolid when parsing mount
   options.
   * Btrfs: add sanity checks regarding to parsing mount
   options.
   * Btrfs: cleanup reloc roots properly on error.
   * Btrfs: reset ret in record_one_backref.
   * Btrfs: fix get set label blocking against balance.
   * Btrfs: fall back to global reservation when removing
   subvolumes.
   * Btrfs: Release uuid_mutex for shrink during device
   delete.
   * Btrfs: update fixups from 3.11
   * Btrfs: add ioctl to wait for qgroup rescan completion.
   * Btrfs: remove useless copy in quota_ctl.
   * Btrfs: do delay iput in sync_fs.
   * Btrfs: fix estale with btrfs send.
   * Btrfs: return error code in
   btrfs_check_trunc_cache_free_space().
   * Btrfs: dont do log_removal in insert_new_root.
   * Btrfs: check if leaf's parent exists before pushing
   items around.
   * Btrfs: allow file data clone within a file.
   * Btrfs: simplify unlink reservations.
   * Btrfs: fix qgroup rescan resume on mount.
   * Btrfs: do not pin while under spin lock.
   * Btrfs: add some missing iput()'s in
   btrfs_orphan_cleanup.
   * Btrfs: put our inode if orphan cleanup fails.
   * Btrfs: exclude logged extents before replying when we
   are mixed.
   * Btrfs: fix broken nocow after balance.
   * Btrfs: wake up delayed ref flushing waiters on abort.
   * Btrfs: stop waiting on current trans if we aborted.
   * Btrfs: fix transaction throttling for delayed refs.
   * Btrfs: free csums when we're done scrubbing an extent.
   * Btrfs: unlock extent range on enospc in compressed
   submit.
   * Btrfs: stop using try_to_writeback_inodes_sb_nr to
   flush delalloc.
   * Btrfs: check if we can nocow if we don't have data
   space.
   * Btrfs: cleanup orphaned root orphan item.
   * Btrfs: hold the tree mod lock in
   __tree_mod_log_rewind.
   * Btrfs: only do the tree_mod_log_free_eb if this is
   our last ref.
   * Btrfs: wait ordered range before doing direct io.
   * Btrfs: update drop progress before stopping snapshot
   dropping.
   * Btrfs: fix lock leak when resuming snapshot deletion.
   * Btrfs: re-add root to dead root list if we stop
   dropping it.
   * Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is
   specified.
   * Btrfs: fix a bug of snapshot-aware defrag to make it
   work on partial extents.
   * Btrfs: fix extent buffer leak after backref walking.
   * Btrfs: do not offset physical if we're compressed.
   * Btrfs: fix backref walking when we hit a compressed
   extent.
   * Btrfs: make sure the backref walker catches all refs
   to our extent.
   * Btrfs: release both paths before logging dir/changed
   extents.
   * Btrfs: add btrfs_fs_incompat helper.
   * Btrfs: merge save_error_info helpers into one.
   * Btrfs: clean up transaction abort messages.
   * Btrfs: cleanup unused arguments of btrfs_csum_data.
   * Btrfs: use helper to cleanup tree roots.
   * Btrfs: share stop worker code.
   * Btrfs: Cleanup some redundant codes in
   btrfs_lookup_csums_range().
   * Btrfs: clean snapshots one by one.
   * Btrfs: deprecate subvolrootid mount option.
   * Btrfs: make orphan cleanup less verbose.
   * Btrfs: cover more error codes in btrfs_decode_error.
   * Btrfs: make subvol creation/deletion killable in the
   early stages.
   * Btrfs: fix a warning when disabling quota.
   * Btrfs: fix infinite loop when we abort on mount.
   * Btrfs: compare relevant parts of delayed tree refs.
   * Btrfs: kill some BUG_ONs() in the find_parent_nodes().
   * Btrfs: fix double free in the iterate_extent_inodes().
   * Btrfs: fix error handling in make/read block group.
   * Btrfs: don't wait on ordered extents if we have a
   trans open.
   * Btrfs: log ram bytes properly.
   * Btrfs: fix bad extent logging.
   * Btrfs: improve the performance of the csums lookup.
   * Btrfs: ignore device open failures in
   __btrfs_open_devices.
   * Btrfs: abort unlink trans in missed error case.
   * Btrfs: creating the subvolume qgroup automatically
   when enabling quota.
   * Btrfs: introduce a mutex lock for btrfs quota
   operations.
   * Btrfs: remove some unnecessary spin_lock usages.
   * Btrfs: fix missing check before creating a qgroup
   relation.
   * Btrfs: fix missing check in the
   btrfs_qgroup_inherit().
   * Btrfs: fix a warning when updating qgroup limit.
   * Btrfs: use tree_root to avoid edquot when disabling
   quota.
   * Btrfs: remove some BUG_ONs() when walking backref
   tree.
   * Btrfs: make __merge_refs() return type be void.
   * Btrfs: add a rb_tree to improve performance of ulist
   search.
   * Btrfs: fix unblocked autodefraggers when remount.
   * Btrfs: fix tree mod log regression on root split
   operations.
   * Btrfs: fix accessing the root pointer in tree mod log
   functions.
   * Btrfs: fix unlock after free on rewinded tree blocks.
   * Btrfs: do not continue if out of memory happens.
   * Btrfs: fix confusing edquot happening case.
   * Btrfs: remove unused argument of fixup_low_keys().
   * Btrfs: fix reada debug code compilation.
   * Btrfs: return error when we specify wrong start to
   defrag.
   * Btrfs: don't force pages under writeback to finish
   when aborting.
   * Btrfs: clear received_uuid field for new writable
   snapshots.
   * Btrfs: fix missing check about ulist_add() in
   qgroup.c.
   * Btrfs: add all ioctl checks before user change for
   quota operations.
   * Btrfs: fix lockdep warning.
   * Btrfs: fix possible infinite loop in slow caching.
   * Btrfs: use REQ_META for all metadata IO.
   * Btrfs: deal with bad mappings in btrfs_map_block.
   * Btrfs: don't call readahead hook until we have read
   the entire eb.
   * Btrfs: don't BUG_ON() in btrfs_num_copies.
   * Btrfs: don't try and free ebs twice in log replay.
   * Btrfs: add tree block level sanity check.
   * Btrfs: only exclude supers in the range of our block
   group.
   * Btrfs: fix all callers of read_tree_block.
   * Btrfs: fix extent logging with O_DIRECT into prealloc.
   * Btrfs: cleanup fs roots if we fail to mount.
   * Btrfs: don't panic if we're trying to drop too many
   refs.
   * Btrfs: check return value of commit when recovering
   log.
   * Btrfs: cleanup destroy_marked_extents.
   * Btrfs: various abort cleanups.
   * Btrfs: fix error handling in btrfs_ioctl_send().
   * Btrfs: set UUID in root_item for created trees.
   * Btrfs: return free space in cow error path.
   * Btrfs: separate sequence numbers for delayed ref
   tracking and tree mod log.
   * Btrfs: allocate new chunks if the space is not enough
   for global rsv.
   * Btrfs: split btrfs_qgroup_account_ref into four
   functions (FATE#312751).
   * Btrfs: rescan for qgroups (FATE#312751).
   * Btrfs: automatic rescan after "quota enable" command
   (FATE#312751).
   * Btrfs: deal with free space cache errors while
   replaying log.
   * Btrfs: remove almost all of the BUG()'s from
   tree-log.c.
   * Btrfs: deal with errors in write_dev_supers.
   * Btrfs: make static code static & remove dead code.
   * Btrfs: handle errors returned from get_tree_block_key.
   * Btrfs: remove unused gfp mask parameter from
   release_extent_buffer callchain.
   * Btrfs: read entire device info under lock.
   * Btrfs: improve the loop of scrub_stripe.
   * Btrfs: use unsigned long type for extent state bits.
   * Btrfs: enhance superblock checks.
   * Btrfs: allow superblock mismatch from older mkfs.
   * Btrfs: annotate quota tree for lockdep.
   * Btrfs: fix off-by-one in fiemap.
   * Btrfs: don't stop searching after encountering the
   wrong item.
   * Btrfs: don't null pointer deref on abort.
   * Btrfs: remove warn on in free space cache writeout.
   * Btrfs: fix possible memory leak in the
   find_parent_nodes().
   * Btrfs: fix possible memory leak in replace_path().
   * Btrfs: don't abort the current transaction if there
   is no enough space for inode cache.
   * Btrfs: don't use global block reservation for inode
   cache truncation.
   * Btrfs: optimize the error handle of use_block_rsv().
   * Btrfs: don't steal the reserved space from the global
   reserve if their space type is different.
   * Btrfs: update the global reserve if it is empty.
   * Btrfs: return errno if possible when we fail to
   allocate memory.
   * Btrfs: fix accessing a freed tree root.
   * Btrfs: fix unprotected root node of the subvolume's
   inode rb-tree.
   * Btrfs: pause the space balance when remounting to R/O.
   * Btrfs: remove BUG_ON() in
   btrfs_read_fs_tree_no_radix().
   * Btrfs: don't invoke btrfs_invalidate_inodes() in the
   spin lock context.
   * Btrfs: do away with non-whole_page extent I/O.
   * Btrfs: explicitly use global_block_rsv for quota_tree.
   * Btrfs: make sure roots are assigned before freeing
   their nodes.
   * Btrfs: don't delete fs_roots until after we cleanup
   the transaction.
   * Btrfs: Drop inode if inode root is NULL.
   * Btrfs: init relocate extent_io_tree with a mapping.
   * Btrfs: fix use-after-free bug during umount.
   * Btrfs: stop all workers before cleaning up roots.
   * Btrfs: add log message stubs.

   Security Issues:

   * CVE-2013-2206
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206
   >

Indications:

   Everyone using the Real Time Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Real Time Extension 11 SP3:

      zypper in -t patch slertesp3-kernel-8544

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Real Time Extension 11 SP3 (x86_64) [New Version: 3.0.101.rt130]:

      cluster-network-kmp-rt-1.4_3.0.101_rt130_0.8-2.27.24
      cluster-network-kmp-rt_trace-1.4_3.0.101_rt130_0.8-2.27.24
      drbd-kmp-rt-8.4.4_3.0.101_rt130_0.8-0.18.8
      drbd-kmp-rt_trace-8.4.4_3.0.101_rt130_0.8-0.18.8
      iscsitarget-kmp-rt-1.4.20_3.0.101_rt130_0.8-0.38.9
      iscsitarget-kmp-rt_trace-1.4.20_3.0.101_rt130_0.8-0.38.9
      kernel-rt-3.0.101.rt130-0.8.3
      kernel-rt-base-3.0.101.rt130-0.8.3
      kernel-rt-devel-3.0.101.rt130-0.8.3
      kernel-rt_trace-3.0.101.rt130-0.8.3
      kernel-rt_trace-base-3.0.101.rt130-0.8.3
      kernel-rt_trace-devel-3.0.101.rt130-0.8.3
      kernel-source-rt-3.0.101.rt130-0.8.1
      kernel-syms-rt-3.0.101.rt130-0.8.1
      lttng-modules-kmp-rt-2.1.1_3.0.101_rt130_0.8-0.11.11
      lttng-modules-kmp-rt_trace-2.1.1_3.0.101_rt130_0.8-0.11.11
      ocfs2-kmp-rt-1.6_3.0.101_rt130_0.8-0.20.24
      ocfs2-kmp-rt_trace-1.6_3.0.101_rt130_0.8-0.20.24
      ofed-kmp-rt-1.5.4.1_3.0.101_rt130_0.8-0.13.15
      ofed-kmp-rt_trace-1.5.4.1_3.0.101_rt130_0.8-0.13.15


References:

   http://support.novell.com/security/cve/CVE-2013-2206.html
   https://bugzilla.novell.com/754690
   https://bugzilla.novell.com/763463
   https://bugzilla.novell.com/794824
   https://bugzilla.novell.com/797526
   https://bugzilla.novell.com/800875
   https://bugzilla.novell.com/804950
   https://bugzilla.novell.com/808079
   https://bugzilla.novell.com/816099
   https://bugzilla.novell.com/820848
   https://bugzilla.novell.com/821259
   https://bugzilla.novell.com/821465
   https://bugzilla.novell.com/821948
   https://bugzilla.novell.com/822433
   https://bugzilla.novell.com/822942
   https://bugzilla.novell.com/825291
   https://bugzilla.novell.com/826102
   https://bugzilla.novell.com/827246
   https://bugzilla.novell.com/827416
   https://bugzilla.novell.com/827966
   https://bugzilla.novell.com/828714
   https://bugzilla.novell.com/828894
   https://bugzilla.novell.com/829682
   https://bugzilla.novell.com/830985
   https://bugzilla.novell.com/831029
   https://bugzilla.novell.com/831143
   https://bugzilla.novell.com/831380
   https://bugzilla.novell.com/832292
   https://bugzilla.novell.com/833097
   https://bugzilla.novell.com/833151
   https://bugzilla.novell.com/833321
   https://bugzilla.novell.com/833588
   https://bugzilla.novell.com/833635
   https://bugzilla.novell.com/833820
   https://bugzilla.novell.com/833858
   https://bugzilla.novell.com/834204
   https://bugzilla.novell.com/834600
   https://bugzilla.novell.com/834905
   https://bugzilla.novell.com/835094
   https://bugzilla.novell.com/835189
   https://bugzilla.novell.com/835684
   https://bugzilla.novell.com/835930
   https://bugzilla.novell.com/836218
   https://bugzilla.novell.com/836347
   https://bugzilla.novell.com/836801
   https://bugzilla.novell.com/837372
   https://bugzilla.novell.com/837596
   https://bugzilla.novell.com/837741
   https://bugzilla.novell.com/837803
   https://bugzilla.novell.com/838346
   https://bugzilla.novell.com/838448
   https://bugzilla.novell.com/839407
   https://bugzilla.novell.com/839973
   https://bugzilla.novell.com/840830
   https://bugzilla.novell.com/841050
   https://bugzilla.novell.com/841094
   https://bugzilla.novell.com/841402
   https://bugzilla.novell.com/841498
   https://bugzilla.novell.com/841656
   https://bugzilla.novell.com/842057
   https://bugzilla.novell.com/842063
   https://bugzilla.novell.com/842604
   https://bugzilla.novell.com/842820
   https://bugzilla.novell.com/843429
   https://bugzilla.novell.com/843445
   https://bugzilla.novell.com/843642
   https://bugzilla.novell.com/843645
   https://bugzilla.novell.com/843732
   https://bugzilla.novell.com/843753
   https://bugzilla.novell.com/843950
   https://bugzilla.novell.com/844513
   https://bugzilla.novell.com/845352
   https://bugzilla.novell.com/847319
   http://download.novell.com/patch/finder/?keywords=a82ba878ac66780ee782fc723b8b8a40



More information about the sle-security-updates mailing list