SUSE-SU-2014:0833-1: moderate: Security update for compat-wireless, compat-wireless-debuginfo, compat-wireless-debugsource, compat-wireless-kmp-default, compat-wireless-kmp-pae, compat-wireless-kmp-trace, compat-wireless-kmp-xen

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Mon Jun 23 12:09:31 MDT 2014


   SUSE Security Update: Security update for compat-wireless, compat-wireless-debuginfo, compat-wireless-debugsource, compat-wireless-kmp-default, compat-wireless-kmp-pae, compat-wireless-kmp-trace, compat-wireless-kmp-xen
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:0833-1
Rating:             moderate
References:         #851021 #851426 #865475 #871148 #883209 
Cross-References:   CVE-2013-4579 CVE-2014-2672
Affected Products:
                    SUSE Linux Enterprise Point of Service 11 SP3
                    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

   An update that solves two vulnerabilities and has three
   fixes is now available.

Description:


   This update for the compat-wireless kernel modules provides many fixes and
   enhancements:

       * Fix potential crash problem in ath9k. (CVE-2014-2672, bnc#871148)
       * Fix improper updates of MAC addresses in ath9k_htc. (bnc#851426,
         CVE-2013-4579)
       * Fix stability issues in iwlwifi. (bnc#865475)
       * Improve support for Intel 7625 cards in iwlwifi. (bnc#51021)

   Installation notes:

   New driver modules may conflict with old modules, which are automatically
   loaded from the initrd file after reboot. To apply this maintenance update
   correctly, the following steps need to be executed on a SLEPOS system:

       * Rebuild image
       * Create specific scDistributionContainer with newly built initrd and
         kernel
       * Put the updated system image in it as a scPosImage object

   Alternatively, you can use a kernel parameter to enforce using the kernel
   from the system image:

       * Rebuild image
       * Set the kernel parameter FORCE_KEXEC, by adding the scPxeFileTemplate
         object under the relevant scPosImage object, with the
   scKernelParameters attribute containing 'FORCE_KEXEC=yes'.

   Security Issue references:

       * CVE-2014-2672
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2672>
       * CVE-2013-4579
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4579>


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Point of Service 11 SP3:

      zypper in -t patch sleposp3-compat-wireless-9414

   - SUSE Linux Enterprise Desktop 11 SP3:

      zypper in -t patch sledsp3-compat-wireless-9414

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Point of Service 11 SP3 (i586 x86_64):

      compat-wireless-kmp-default-3.13_3.0.101_0.31-0.9.1

   - SUSE Linux Enterprise Point of Service 11 SP3 (i586):

      compat-wireless-kmp-pae-3.13_3.0.101_0.31-0.9.1

   - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):

      compat-wireless-kmp-default-3.13_3.0.101_0.31-0.9.1
      compat-wireless-kmp-xen-3.13_3.0.101_0.31-0.9.1

   - SUSE Linux Enterprise Desktop 11 SP3 (i586):

      compat-wireless-kmp-pae-3.13_3.0.101_0.31-0.9.1


References:

   http://support.novell.com/security/cve/CVE-2013-4579.html
   http://support.novell.com/security/cve/CVE-2014-2672.html
   https://bugzilla.novell.com/851021
   https://bugzilla.novell.com/851426
   https://bugzilla.novell.com/865475
   https://bugzilla.novell.com/871148
   https://bugzilla.novell.com/883209
   http://download.suse.com/patch/finder/?keywords=313c3f5584bd9bba06b195bad96e9fb8



More information about the sle-security-updates mailing list