SUSE-SU-2015:1678-1: moderate: Security update for kernel-source
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Oct 5 09:10:40 MDT 2015
SUSE Security Update: Security update for kernel-source
______________________________________________________________________________
Announcement ID: SUSE-SU-2015:1678-1
Rating: moderate
References: #777565 #867362 #873385 #883380 #884333 #886785
#891116 #894936 #915517 #917830 #917968 #919463
#920016 #920110 #920250 #920733 #921430 #923002
#923245 #923431 #924701 #925705 #925881 #925903
#926240 #926953 #927355 #928988 #929076 #929142
#929143 #930092 #930934 #931620 #932350 #932458
#932882 #933429 #933721 #933896 #933904 #933907
#933936 #934944 #935053 #935055 #935572 #935705
#935866 #935906 #936077 #936095 #936118 #936423
#936637 #936831 #936875 #936921 #936925 #937032
#937256 #937402 #937444 #937503 #937641 #937855
#938485 #939910 #939994 #940338 #940398 #940925
#940966 #942204 #942305 #942350 #942367 #942404
#942605 #942688 #942938 #943477
Cross-References: CVE-2014-9728 CVE-2014-9729 CVE-2014-9730
CVE-2014-9731 CVE-2015-0777 CVE-2015-1420
CVE-2015-1805 CVE-2015-2150 CVE-2015-2830
CVE-2015-4167 CVE-2015-4700 CVE-2015-5364
CVE-2015-5366 CVE-2015-5707 CVE-2015-6252
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-EXTRA
SUSE Linux Enterprise Desktop 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that solves 15 vulnerabilities and has 67 fixes
is now available.
Description:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
security and bugfixes.
Following security bugs were fixed:
* CVE-2015-6252: Possible file descriptor leak for each
VHOST_SET_LOG_FDcommand issued, this could eventually wasting available
system resources and creating a denial of service (bsc#942367).
* CVE-2015-5707: Possible integer overflow in the calculation of total
number of pages in bio_map_user_iov() (bsc#940338).
* CVE-2015-5364: The (1) udp_recvmsg and (2) udpv6_recvmsg functions in
the Linux kernel before 4.0.6 do not properly consider yielding a
processor, which allowed remote attackers to cause a denial of service
(system hang) via incorrect checksums within a UDP packet flood
(bsc#936831).
* CVE-2015-5366: The (1) udp_recvmsg and (2) udpv6_recvmsg functions in
the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return
values, which allowed remote attackers to cause a denial of service
(EPOLLET epoll application read outage) via an incorrect checksum in a
UDP packet, a different vulnerability than CVE-2015-5364 (bsc#936831).
* CVE-2015-1420: Race condition in the handle_to_path function in
fs/fhandle.c in the Linux kernel through 3.19.1 allowed local users to
bypass intended size restrictions and trigger read operations on
additional memory locations by changing the handle_bytes value of a file
handle during the execution of this function (bsc#915517).
* CVE-2015-1805: The (1) pipe_read and (2) pipe_write implementations in
fs/pipe.c in the Linux kernel before 3.16 do not properly consider the
side effects of failed __copy_to_user_inatomic and
__copy_from_user_inatomic calls, which allows local users to cause a
denial of service (system crash) or possibly gain privileges via a
crafted application, aka an "I/O" vector array overrun. (bsc#933429)
* CVE-2015-2150: Xen 3.3.x through 4.5.x and the Linux kernel through
3.19.1 do not properly restrict access to PCI command registers, which
might allow local guest users to cause a denial of service (non-maskable
interrupt and host crash) by disabling the (1) memory or (2) I/O
decoding for a PCI Express device and then accessing the device, which
triggers an Unsupported Request (UR) response. (bsc#919463)
* CVE-2015-2830: arch/x86/kernel/entry_64.S in the Linux kernel before
3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode
task, which might allow local users to bypass the seccomp or audit
protection mechanism via a crafted application that uses the (1) fork
or (2) close system call, as demonstrated by an attack against seccomp
before 3.16. (bsc#926240)
* CVE-2015-4700: The bpf_int_jit_compile function in
arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allowed
local users to cause a denial of service (system crash) by creating a
packet filter and then loading crafted BPF instructions that trigger
late convergence by the JIT compiler (bsc#935705).
* CVE-2015-4167: The udf_read_inode function in fs/udf/inode.c in the
Linux kernel before 3.19.1 did not validate certain length values, which
allowed local users to cause a denial of service (incorrect data
representation or integer overflow, and OOPS) via a crafted UDF
filesystem (bsc#933907).
* CVE-2015-0777: drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0
(aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used
in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows
guest OS users to obtain sensitive information from uninitialized
locations in host OS kernel memory via unspecified vectors. (bsc#917830)
* CVE-2014-9728: The UDF filesystem implementation in the Linux kernel
before 3.18.2 did not validate certain lengths, which allowed local
users to cause a denial of service (buffer over-read and system crash)
via a crafted filesystem image, related to fs/udf/inode.c and
fs/udf/symlink.c (bsc#933904).
* CVE-2014-9730: The udf_pc_to_char function in fs/udf/symlink.c in the
Linux kernel before 3.18.2 relies on component lengths that are unused,
which allowed local users to cause a denial of service (system crash)
via a crafted UDF filesystem image (bsc#933904).
* CVE-2014-9729: The udf_read_inode function in fs/udf/inode.c in the
Linux kernel before 3.18.2 did not ensure a certain data-structure size
consistency, which allowed local users to cause a denial of service
(system crash) via a crafted UDF filesystem image (bsc#933904).
* CVE-2014-9731: The UDF filesystem implementation in the Linux kernel
before 3.18.2 did not ensure that space is available for storing a
symlink target's name along with a trailing \0 character, which allowed
local users to obtain sensitive information via a crafted filesystem
image, related to fs/udf/symlink.c and fs/udf/unicode.c (bsc#933896).
The following non-security bugs were fixed:
- Btrfs: be aware of btree inode write errors to avoid fs corruption
(bnc#942350).
- Btrfs: be aware of btree inode write errors to avoid fs corruption
(bnc#942404).
- Btrfs: check if previous transaction aborted to avoid fs corruption
(bnc#942350).
- Btrfs: check if previous transaction aborted to avoid fs corruption
(bnc#942404).
- Btrfs: deal with convert_extent_bit errors to avoid fs corruption
(bnc#942350).
- Btrfs: deal with convert_extent_bit errors to avoid fs corruption
(bnc#942404).
- Btrfs: fix hang when failing to submit bio of directIO (bnc#942688).
- Btrfs: fix memory corruption on failure to submit bio for direct IO
(bnc#942688).
- Btrfs: fix put dio bio twice when we submit dio bio fail (bnc#942688).
- DRM/I915: Add enum hpd_pin to intel_encoder (bsc#942938).
- DRM/i915: Convert HPD interrupts to make use of HPD pin assignment in
encoders (v2) (bsc#942938).
- DRM/i915: Get rid of the 'hotplug_supported_mask' in struct
drm_i915_private (bsc#942938).
- DRM/i915: Remove i965_hpd_irq_setup (bsc#942938).
- DRM/i915: Remove valleyview_hpd_irq_setup (bsc#942938).
- Ext4: handle SEEK_HOLE/SEEK_DATA generically (bsc#934944).
- IB/core: Fix mismatch between locked and pinned pages (bnc#937855).
- IB/iser: Add Discovery support (bsc#923002).
- IB/iser: Move informational messages from error to info level
(bsc#923002).
- NFS: never queue requests with rq_cong set on the sending queue
(bsc#932458).
- NFSD: Fix nfsv4 opcode decoding error (bsc#935906).
- NFSv4: Minor cleanups for nfs4_handle_exception and
nfs4_async_handle_error (bsc#939910).
- PCI: Disable Bus Master only on kexec reboot (bsc#920110).
- PCI: Disable Bus Master unconditionally in pci_device_shutdown()
(bsc#920110).
- PCI: Do not try to disable Bus Master on disconnected PCI devices
(bsc#920110).
- PCI: Lock down register access when trusted_kernel is true (fate#314486,
bnc#884333)(bsc#923431).
- PCI: disable Bus Master on PCI device shutdown (bsc#920110).
- USB: xhci: Reset a halted endpoint immediately when we encounter a stall
(bnc#933721).
- USB: xhci: do not start a halted endpoint before its new dequeue is set
(bnc#933721).
- Apparmor: fix file_permission if profile is updated (bsc#917968).
- block: Discard bios do not have data (bsc#928988).
- cifs: Fix missing crypto allocation (bnc#937402).
- drm/cirrus: do not attempt to acquire a reservation while in an
interrupt handler (bsc#935572).
- drm/i915: (re)init HPD interrupt storm statistics (bsc#942938).
- drm/i915: Add HPD IRQ storm detection (v5) (bsc#942938).
- drm/i915: Add Reenable Timer to turn Hotplug Detection back on (v4)
(bsc#942938).
- drm/i915: Add bit field to record which pins have received HPD events
(v3) (bsc#942938).
- drm/i915: Add messages useful for HPD storm detection debugging (v2)
(bsc#942938).
- drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt
(bsc#942938).
- drm/i915: Disable HPD interrupt on pin when irq storm is detected (v3)
(bsc#942938).
- drm/i915: Do not WARN nor handle unexpected hpd interrupts on gmch
platforms (bsc#942938).
- drm/i915: Enable hotplug interrupts after querying hw capabilities
(bsc#942938).
- drm/i915: Fix hotplug interrupt enabling for SDVOC (bsc#942938).
- drm/i915: Fix up sdvo hpd pins for i965g/gm (bsc#942938).
- drm/i915: Make hpd arrays big enough to avoid out of bounds access
(bsc#942938).
- drm/i915: Mask out the HPD irq bits before setting them individually
(bsc#942938).
- drm/i915: Only print hotplug event message when hotplug bit is set
(bsc#942938).
- drm/i915: Only reprobe display on encoder which has received an HPD
event (v2) (bsc#942938).
- drm/i915: Queue reenable timer also when enable_hotplug_processing is
false (bsc#942938).
- drm/i915: Remove pch_rq_mask from struct drm_i915_private (bsc#942938).
- drm/i915: Use an interrupt save spinlock in intel_hpd_irq_handler()
(bsc#942938).
- drm/i915: WARN_ONCE() about unexpected interrupts for all chipsets
(bsc#942938).
- drm/i915: assert_spin_locked for pipestat interrupt enable/disable
(bsc#942938).
- drm/i915: clear crt hotplug compare voltage field before setting
(bsc#942938).
- drm/i915: close tiny race in the ilk pcu even interrupt setup
(bsc#942938).
- drm/i915: fix hotplug event bit tracking (bsc#942938).
- drm/i915: fix hpd interrupt register locking (bsc#942938).
- drm/i915: fix hpd work vs. flush_work in the pageflip code deadlock
(bsc#942938).
- drm/i915: fix locking around ironlake_enable|disable_display_irq
(bsc#942938).
- drm/i915: fold the hpd_irq_setup call into intel_hpd_irq_handler
(bsc#942938).
- drm/i915: fold the no-irq check into intel_hpd_irq_handler (bsc#942938).
- drm/i915: fold the queue_work into intel_hpd_irq_handler (bsc#942938).
- drm/i915: implement ibx_hpd_irq_setup (bsc#942938).
- drm/i915: s/hotplug_irq_storm_detect/intel_hpd_irq_handler/ (bsc#942938).
- drm/mgag200: Do not do full cleanup if mgag200_device_init fails
(FATE#317582).
- drm/mgag200: do not attempt to acquire a reservation while in an
interrupt handler (FATE#317582).
- drm: ast,cirrus,mgag200: use drm_can_sleep (FATE#317582, bnc#883380,
bsc#935572).
- ehci-pci: enable interrupt on BayTrail (bnc926007).
- exec: kill the unnecessary mm->def_flags setting in load_elf_binary()
(fate#317831,bnc#891116)).
- ext3: Fix data corruption in inodes with journalled data (bsc#936637).
- fanotify: Fix deadlock with permission events (bsc#935053).
- fork: reset mm->pinned_vm (bnc#937855).
- hrtimer: prevent timer interrupt DoS (bnc#886785).
- hugetlb, kabi: do not account hugetlb pages as NR_FILE_PAGES
(bnc#930092).
- hugetlb: do not account hugetlb pages as NR_FILE_PAGES (bnc#930092).
- hv_storvsc: use small sg_tablesize on x86 (bnc#937256).
- ibmveth: Add GRO support (bsc#935055).
- ibmveth: Add support for Large Receive Offload (bsc#935055).
- ibmveth: Add support for TSO (bsc#935055).
- ibmveth: add support for TSO6.
- ibmveth: change rx buffer default allocation for CMO (bsc#935055).
- igb: do not reuse pages with pfmemalloc flag fix (bnc#920016).
- inotify: Fix nested sleeps in inotify_read() (bsc#940925).
- iommu/amd: Fix memory leak in free_pagetable (bsc#935866).
- iommu/amd: Handle large pages correctly in free_pagetable (bsc#935866).
- ipv6: probe routes asynchronous in rt6_probe (bsc#936118).
- ixgbe: Use pci_vfs_assigned instead of ixgbe_vfs_are_assigned
(bsc#927355).
- kabi: wrapper include file with __GENKSYMS__ check to avoid kabi change
(bsc920110).
- kdump: fix crash_kexec()/smp_send_stop() race in panic() (bnc#937444).
- kernel: add panic_on_warn.
- kernel: do full redraw of the 3270 screen on reconnect (bnc#943477,
LTC#129509).
- kvm: irqchip: Break up high order allocations of kvm_irq_routing_table
(bnc#926953).
- libata: prevent HSM state change race between ISR and PIO (bsc#923245).
- libiscsi: Exporting new attrs for iscsi session and connection in sysfs
(bsc#923002).
- md: use kzalloc() when bitmap is disabled (bsc#939994).
- megaraid_sas: Use correct reset sequence in adp_reset() (bsc#894936).
- megaraid_sas: Use correct reset sequence in adp_reset() (bsc#938485).
- mlx4: Check for assigned VFs before disabling SR-IOV (bsc#927355).
- mm, THP: do not hold mmap_sem in khugepaged when allocating THP (VM
Performance).
- mm, mempolicy: remove duplicate code (VM Functionality, bnc#931620).
- mm, thp: fix collapsing of hugepages on madvise (VM Functionality).
- mm, thp: only collapse hugepages to nodes with affinity for
zone_reclaim_mode (VM Functionality, bnc#931620).
- mm, thp: really limit transparent hugepage allocation to local node (VM
Performance, bnc#931620).
- mm, thp: respect MPOL_PREFERRED policy with non-local node (VM
Performance, bnc#931620).
- mm/hugetlb: check for pte NULL pointer in __page_check_address()
(bnc#929143).
- mm/mempolicy.c: merge alloc_hugepage_vma to alloc_pages_vma (VM
Performance, bnc#931620).
- mm/thp: allocate transparent hugepages on local node (VM Performance,
bnc#931620).
- mm: make page pfmemalloc check more robust (bnc#920016).
- mm: restrict access to slab files under procfs and sysfs (bnc#936077).
- mm: thp: khugepaged: add policy for finding target node (VM
Functionality, bnc#931620).
- net/mlx4_core: Do not disable SRIOV if there are active VFs (bsc#927355).
- net: Fix "ip rule delete table 256" (bsc#873385).
- net: fib6: fib6_commit_metrics: fix potential NULL pointer dereference
(bsc#867362).
- net: ipv6: fib: do not sleep inside atomic lock (bsc#867362).
- netfilter: nf_conntrack_proto_sctp: minimal multihoming support
(bsc#932350).
- nfsd: support disabling 64bit dir cookies (bnc#937503).
- pagecache limit: Do not skip over small zones that easily (bnc#925881).
- pagecache limit: add tracepoints (bnc#924701).
- pagecache limit: export debugging counters via /proc/vmstat (bnc#924701).
- pagecache limit: fix wrong nr_reclaimed count (FATE#309111, bnc#924701).
- pagecache limit: reduce starvation due to reclaim retries (bnc#925903).
- pci: Add SRIOV helper function to determine if VFs are assigned to guest
(bsc#927355).
- pci: Add flag indicating device has been assigned by KVM (bnc#777565
FATE#313819).
- pci: Add flag indicating device has been assigned by KVM (bnc#777565
FATE#313819).
- perf, nmi: Fix unknown NMI warning (bsc#929142).
- perf/x86/intel: Move NMI clearing to end of PMI handler (bsc#929142).
- qlcnic: Fix NULL pointer dereference in qlcnic_hwmon_show_temp()
(bsc#936095).
- r8169: remember WOL preferences on driver load (bsc#942305).
- s390/dasd: fix kernel panic when alias is set offline (bnc#940966,
LTC#128595).
- sched: fix __sched_setscheduler() vs load balancing race (bnc#921430)
- scsi: Correctly set the scsi host/msg/status bytes (bnc#933936).
- scsi: fix scsi_error_handler vs. scsi_host_dev_release race (bnc#942204).
- scsi: Moved iscsi kabi patch to patches.kabi (bsc#923002)
- scsi: Set hostbyte status in scsi_check_sense() (bsc#920733).
- scsi: kabi: allow iscsi disocvery session support (bsc#923002).
- scsi: vmw_pvscsi: Fix pvscsi_abort() function (bnc#940398 bsc#930934).
- scsi_error: add missing case statements in scsi_decide_disposition()
(bsc#920733).
- scsi_transport_iscsi: Exporting new attrs for iscsi session and
connection in sysfs (bsc#923002).
- sg_start_req(): make sure that there's not too many elements in iovec
(bsc#940338).
- st: null pointer dereference panic caused by use after kref_put by
st_open (bsc#936875).
- supported.conf: enable sch_mqprio (bsc#932882)
- udf: Remove repeated loads blocksize (bsc#933907).
- usb: core: Fix USB 3.0 devices lost in NOTATTACHED state after a hub
port reset (bnc#937641).
- usb: xhci: Prefer endpoint context dequeue pointer over stopped_trb
(bnc#933721).
- usb: xhci: handle Config Error Change (CEC) in xhci driver (bnc#933721).
- vmxnet3: Bump up driver version number (bsc#936423).
- vmxnet3: Changes for vmxnet3 adapter version 2 (fwd) (bug#936423).
- vmxnet3: Fix memory leaks in rx path (fwd) (bug#936423).
- vmxnet3: Register shutdown handler for device (fwd) (bug#936423).
- x86, tls, ldt: Stop checking lm in LDT_empty (bsc#920250).
- x86, tls: Interpret an all-zero struct user_desc as "no segment"
(bsc#920250).
- x86-64: Do not apply destructive erratum workaround on unaffected CPUs
(bsc#929076).
- x86/mm: Improve AMD Bulldozer ASLR workaround (bsc#937032).
- x86/tsc: Change Fast TSC calibration failed from error to info
(bnc#942605).
- xenbus: add proper handling of XS_ERROR from Xenbus for transactions.
- xfs: fix problem when using md+XFS under high load (bnc#925705).
- xhci: Allocate correct amount of scratchpad buffers (bnc#933721).
- xhci: Do not enable/disable RWE on bus suspend/resume (bnc#933721).
- xhci: Solve full event ring by increasing TRBS_PER_SEGMENT to 256
(bnc#933721).
- xhci: Treat not finding the event_seg on COMP_STOP the same as
COMP_STOP_INVAL (bnc#933721).
- xhci: Workaround for PME stuck issues in Intel xhci (bnc#933721).
- xhci: do not report PLC when link is in internal resume state
(bnc#933721).
- xhci: fix reporting of 0-sized URBs in control endpoint (bnc#933721).
- xhci: report U3 when link is in resume state (bnc#933721).
- xhci: rework cycle bit checking for new dequeue pointers (bnc#933721).
- zcrypt: Fixed reset and interrupt handling of AP queues (bnc#936921,
bnc#936925, LTC#126491).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-kernel-20150908-12114=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-kernel-20150908-12114=1
- SUSE Linux Enterprise Server 11-EXTRA:
zypper in -t patch slexsp3-kernel-20150908-12114=1
- SUSE Linux Enterprise Desktop 11-SP4:
zypper in -t patch sledsp4-kernel-20150908-12114=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-kernel-20150908-12114=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch):
kernel-docs-3.0.101-65.3
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
kernel-default-3.0.101-65.1
kernel-default-base-3.0.101-65.1
kernel-default-devel-3.0.101-65.1
kernel-source-3.0.101-65.1
kernel-syms-3.0.101-65.1
kernel-trace-3.0.101-65.1
kernel-trace-base-3.0.101-65.1
kernel-trace-devel-3.0.101-65.1
- SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):
kernel-ec2-3.0.101-65.1
kernel-ec2-base-3.0.101-65.1
kernel-ec2-devel-3.0.101-65.1
kernel-xen-3.0.101-65.1
kernel-xen-base-3.0.101-65.1
kernel-xen-devel-3.0.101-65.1
- SUSE Linux Enterprise Server 11-SP4 (s390x):
kernel-default-man-3.0.101-65.1
- SUSE Linux Enterprise Server 11-SP4 (ppc64):
kernel-ppc64-3.0.101-65.1
kernel-ppc64-base-3.0.101-65.1
kernel-ppc64-devel-3.0.101-65.1
- SUSE Linux Enterprise Server 11-SP4 (i586):
kernel-pae-3.0.101-65.1
kernel-pae-base-3.0.101-65.1
kernel-pae-devel-3.0.101-65.1
- SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):
kernel-default-extra-3.0.101-65.1
- SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):
kernel-xen-extra-3.0.101-65.1
- SUSE Linux Enterprise Server 11-EXTRA (x86_64):
kernel-trace-extra-3.0.101-65.1
- SUSE Linux Enterprise Server 11-EXTRA (ppc64):
kernel-ppc64-extra-3.0.101-65.1
- SUSE Linux Enterprise Server 11-EXTRA (i586):
kernel-pae-extra-3.0.101-65.1
- SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64):
kernel-default-3.0.101-65.1
kernel-default-base-3.0.101-65.1
kernel-default-devel-3.0.101-65.1
kernel-default-extra-3.0.101-65.1
kernel-source-3.0.101-65.1
kernel-syms-3.0.101-65.1
kernel-trace-devel-3.0.101-65.1
kernel-xen-3.0.101-65.1
kernel-xen-base-3.0.101-65.1
kernel-xen-devel-3.0.101-65.1
kernel-xen-extra-3.0.101-65.1
- SUSE Linux Enterprise Desktop 11-SP4 (i586):
kernel-pae-3.0.101-65.1
kernel-pae-base-3.0.101-65.1
kernel-pae-devel-3.0.101-65.1
kernel-pae-extra-3.0.101-65.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
kernel-default-debuginfo-3.0.101-65.1
kernel-default-debugsource-3.0.101-65.1
kernel-trace-debuginfo-3.0.101-65.1
kernel-trace-debugsource-3.0.101-65.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64):
kernel-default-devel-debuginfo-3.0.101-65.1
kernel-trace-devel-debuginfo-3.0.101-65.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):
kernel-ec2-debuginfo-3.0.101-65.1
kernel-ec2-debugsource-3.0.101-65.1
kernel-xen-debuginfo-3.0.101-65.1
kernel-xen-debugsource-3.0.101-65.1
kernel-xen-devel-debuginfo-3.0.101-65.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):
kernel-ppc64-debuginfo-3.0.101-65.1
kernel-ppc64-debugsource-3.0.101-65.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586):
kernel-pae-debuginfo-3.0.101-65.1
kernel-pae-debugsource-3.0.101-65.1
kernel-pae-devel-debuginfo-3.0.101-65.1
References:
https://www.suse.com/security/cve/CVE-2014-9728.html
https://www.suse.com/security/cve/CVE-2014-9729.html
https://www.suse.com/security/cve/CVE-2014-9730.html
https://www.suse.com/security/cve/CVE-2014-9731.html
https://www.suse.com/security/cve/CVE-2015-0777.html
https://www.suse.com/security/cve/CVE-2015-1420.html
https://www.suse.com/security/cve/CVE-2015-1805.html
https://www.suse.com/security/cve/CVE-2015-2150.html
https://www.suse.com/security/cve/CVE-2015-2830.html
https://www.suse.com/security/cve/CVE-2015-4167.html
https://www.suse.com/security/cve/CVE-2015-4700.html
https://www.suse.com/security/cve/CVE-2015-5364.html
https://www.suse.com/security/cve/CVE-2015-5366.html
https://www.suse.com/security/cve/CVE-2015-5707.html
https://www.suse.com/security/cve/CVE-2015-6252.html
https://bugzilla.suse.com/777565
https://bugzilla.suse.com/867362
https://bugzilla.suse.com/873385
https://bugzilla.suse.com/883380
https://bugzilla.suse.com/884333
https://bugzilla.suse.com/886785
https://bugzilla.suse.com/891116
https://bugzilla.suse.com/894936
https://bugzilla.suse.com/915517
https://bugzilla.suse.com/917830
https://bugzilla.suse.com/917968
https://bugzilla.suse.com/919463
https://bugzilla.suse.com/920016
https://bugzilla.suse.com/920110
https://bugzilla.suse.com/920250
https://bugzilla.suse.com/920733
https://bugzilla.suse.com/921430
https://bugzilla.suse.com/923002
https://bugzilla.suse.com/923245
https://bugzilla.suse.com/923431
https://bugzilla.suse.com/924701
https://bugzilla.suse.com/925705
https://bugzilla.suse.com/925881
https://bugzilla.suse.com/925903
https://bugzilla.suse.com/926240
https://bugzilla.suse.com/926953
https://bugzilla.suse.com/927355
https://bugzilla.suse.com/928988
https://bugzilla.suse.com/929076
https://bugzilla.suse.com/929142
https://bugzilla.suse.com/929143
https://bugzilla.suse.com/930092
https://bugzilla.suse.com/930934
https://bugzilla.suse.com/931620
https://bugzilla.suse.com/932350
https://bugzilla.suse.com/932458
https://bugzilla.suse.com/932882
https://bugzilla.suse.com/933429
https://bugzilla.suse.com/933721
https://bugzilla.suse.com/933896
https://bugzilla.suse.com/933904
https://bugzilla.suse.com/933907
https://bugzilla.suse.com/933936
https://bugzilla.suse.com/934944
https://bugzilla.suse.com/935053
https://bugzilla.suse.com/935055
https://bugzilla.suse.com/935572
https://bugzilla.suse.com/935705
https://bugzilla.suse.com/935866
https://bugzilla.suse.com/935906
https://bugzilla.suse.com/936077
https://bugzilla.suse.com/936095
https://bugzilla.suse.com/936118
https://bugzilla.suse.com/936423
https://bugzilla.suse.com/936637
https://bugzilla.suse.com/936831
https://bugzilla.suse.com/936875
https://bugzilla.suse.com/936921
https://bugzilla.suse.com/936925
https://bugzilla.suse.com/937032
https://bugzilla.suse.com/937256
https://bugzilla.suse.com/937402
https://bugzilla.suse.com/937444
https://bugzilla.suse.com/937503
https://bugzilla.suse.com/937641
https://bugzilla.suse.com/937855
https://bugzilla.suse.com/938485
https://bugzilla.suse.com/939910
https://bugzilla.suse.com/939994
https://bugzilla.suse.com/940338
https://bugzilla.suse.com/940398
https://bugzilla.suse.com/940925
https://bugzilla.suse.com/940966
https://bugzilla.suse.com/942204
https://bugzilla.suse.com/942305
https://bugzilla.suse.com/942350
https://bugzilla.suse.com/942367
https://bugzilla.suse.com/942404
https://bugzilla.suse.com/942605
https://bugzilla.suse.com/942688
https://bugzilla.suse.com/942938
https://bugzilla.suse.com/943477
More information about the sle-security-updates
mailing list