SUSE-SU-2014:0833-1: moderate: Security update for compat-wireless, compat-wireless-debuginfo, compat-wireless-debugsource, compat-wireless-kmp-default, compat-wireless-kmp-pae, compat-wireless-kmp-trace, compat-wireless-kmp-xen
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Jun 23 12:09:31 MDT 2014
SUSE Security Update: Security update for compat-wireless, compat-wireless-debuginfo, compat-wireless-debugsource, compat-wireless-kmp-default, compat-wireless-kmp-pae, compat-wireless-kmp-trace, compat-wireless-kmp-xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0833-1
Rating: moderate
References: #851021 #851426 #865475 #871148 #883209
Cross-References: CVE-2013-4579 CVE-2014-2672
Affected Products:
SUSE Linux Enterprise Point of Service 11 SP3
SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________
An update that solves two vulnerabilities and has three
fixes is now available.
Description:
This update for the compat-wireless kernel modules provides many fixes and
enhancements:
* Fix potential crash problem in ath9k. (CVE-2014-2672, bnc#871148)
* Fix improper updates of MAC addresses in ath9k_htc. (bnc#851426,
CVE-2013-4579)
* Fix stability issues in iwlwifi. (bnc#865475)
* Improve support for Intel 7625 cards in iwlwifi. (bnc#51021)
Installation notes:
New driver modules may conflict with old modules, which are automatically
loaded from the initrd file after reboot. To apply this maintenance update
correctly, the following steps need to be executed on a SLEPOS system:
* Rebuild image
* Create specific scDistributionContainer with newly built initrd and
kernel
* Put the updated system image in it as a scPosImage object
Alternatively, you can use a kernel parameter to enforce using the kernel
from the system image:
* Rebuild image
* Set the kernel parameter FORCE_KEXEC, by adding the scPxeFileTemplate
object under the relevant scPosImage object, with the
scKernelParameters attribute containing 'FORCE_KEXEC=yes'.
Security Issue references:
* CVE-2014-2672
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2672>
* CVE-2013-4579
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4579>
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Point of Service 11 SP3:
zypper in -t patch sleposp3-compat-wireless-9414
- SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-compat-wireless-9414
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Point of Service 11 SP3 (i586 x86_64):
compat-wireless-kmp-default-3.13_3.0.101_0.31-0.9.1
- SUSE Linux Enterprise Point of Service 11 SP3 (i586):
compat-wireless-kmp-pae-3.13_3.0.101_0.31-0.9.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):
compat-wireless-kmp-default-3.13_3.0.101_0.31-0.9.1
compat-wireless-kmp-xen-3.13_3.0.101_0.31-0.9.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586):
compat-wireless-kmp-pae-3.13_3.0.101_0.31-0.9.1
References:
http://support.novell.com/security/cve/CVE-2013-4579.html
http://support.novell.com/security/cve/CVE-2014-2672.html
https://bugzilla.novell.com/851021
https://bugzilla.novell.com/851426
https://bugzilla.novell.com/865475
https://bugzilla.novell.com/871148
https://bugzilla.novell.com/883209
http://download.suse.com/patch/finder/?keywords=313c3f5584bd9bba06b195bad96e9fb8
More information about the sle-security-updates
mailing list