SUSE-SU-2016:2074-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Mon Aug 15 08:08:51 MDT 2016


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:2074-1
Rating:             important
References:         #816446 #861093 #928130 #935757 #939826 #942367 
                    #945825 #946117 #946309 #948562 #949744 #949936 
                    #951440 #952384 #953527 #954404 #955354 #955654 
                    #956708 #956709 #958463 #958886 #958951 #959190 
                    #959399 #961500 #961509 #961512 #963765 #963767 
                    #964201 #966437 #966460 #966662 #966693 #967972 
                    #967973 #967974 #967975 #968010 #968011 #968012 
                    #968013 #968670 #970504 #970892 #970909 #970911 
                    #970948 #970956 #970958 #970970 #971124 #971125 
                    #971126 #971360 #972510 #973570 #975945 #977847 
                    #978822 
Cross-References:   CVE-2013-2015 CVE-2013-7446 CVE-2015-0272
                    CVE-2015-3339 CVE-2015-5307 CVE-2015-6252
                    CVE-2015-6937 CVE-2015-7509 CVE-2015-7515
                    CVE-2015-7550 CVE-2015-7566 CVE-2015-7799
                    CVE-2015-7872 CVE-2015-7990 CVE-2015-8104
                    CVE-2015-8215 CVE-2015-8539 CVE-2015-8543
                    CVE-2015-8569 CVE-2015-8575 CVE-2015-8767
                    CVE-2015-8785 CVE-2015-8812 CVE-2015-8816
                    CVE-2016-0723 CVE-2016-2069 CVE-2016-2143
                    CVE-2016-2184 CVE-2016-2185 CVE-2016-2186
                    CVE-2016-2188 CVE-2016-2384 CVE-2016-2543
                    CVE-2016-2544 CVE-2016-2545 CVE-2016-2546
                    CVE-2016-2547 CVE-2016-2548 CVE-2016-2549
                    CVE-2016-2782 CVE-2016-2847 CVE-2016-3134
                    CVE-2016-3137 CVE-2016-3138 CVE-2016-3139
                    CVE-2016-3140 CVE-2016-3156 CVE-2016-4486
                   
Affected Products:
                    SUSE Linux Enterprise Server 11-SP2-LTSS
                    SUSE Linux Enterprise Debuginfo 11-SP2
______________________________________________________________________________

   An update that solves 48 vulnerabilities and has 13 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 11 SP2 kernel was updated to receive various
   security and bug fixes.

   The following security bugs were fixed:
   - CVE-2016-4486: Fixed 4 byte information leak in net/core/rtnetlink.c
     (bsc#978822).
   - CVE-2016-3134: The netfilter subsystem in the Linux kernel did not
     validate certain offset fields, which allowed local users to gain
     privileges or cause a denial of service (heap memory corruption) via an
     IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
   - CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of
     unread data in pipes, which allowed local users to cause a denial of
     service (memory consumption) by creating many pipes with non-default
     sizes (bnc#970948).
   - CVE-2016-2188: The iowarrior_probe function in
     drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically
     proximate attackers to cause a denial of service (NULL pointer
     dereference and system crash) via a crafted endpoints value in a USB
     device descriptor (bnc#970956).
   - CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in
     the Linux kernel allowed physically proximate attackers to cause a
     denial of service (NULL pointer dereference and system crash) via a USB
     device without both a control and a data endpoint descriptor
     (bnc#970911).
   - CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel
     allowed physically proximate attackers to cause a denial of service
     (NULL pointer dereference and system crash) via a USB device without
     both an interrupt-in and an interrupt-out endpoint descriptor, related
     to the cypress_generic_port_probe and cypress_open functions
     (bnc#970970).
   - CVE-2016-3140: The digi_port_init function in
     drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed
     physically proximate attackers to cause a denial of service (NULL
     pointer dereference and system crash) via a crafted endpoints value in a
     USB device descriptor (bnc#970892).
   - CVE-2016-2186: The powermate_probe function in
     drivers/input/misc/powermate.c in the Linux kernel allowed physically
     proximate attackers to cause a denial of service (NULL pointer
     dereference and system crash) via a crafted endpoints value in a USB
     device descriptor (bnc#970958).
   - CVE-2016-2185: The ati_remote2_probe function in
     drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically
     proximate attackers to cause a denial of service (NULL pointer
     dereference and system crash) via a crafted endpoints value in a USB
     device descriptor (bnc#971124).
   - CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles
     destruction of device objects, which allowed guest OS users to cause a
     denial of service (host OS networking outage) by arranging for a large
     number of IP addresses (bnc#971360).
   - CVE-2016-2184: The create_fixed_stream_quirk function in
     sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel
     allowed physically proximate attackers to cause a denial of service
     (NULL pointer dereference or double free, and system crash) via a
     crafted endpoints value in a USB device descriptor (bnc#971125).
   - CVE-2016-3139: The wacom_probe function in
     drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically
     proximate attackers to cause a denial of service (NULL pointer
     dereference and system crash) via a crafted endpoints value in a USB
     device descriptor (bnc#970909).
   - CVE-2016-2143: The fork implementation in the Linux kernel on s390
     platforms mishandled the case of four page-table levels, which allowed
     local users to cause a denial of service (system crash) or possibly have
     unspecified other impact via a crafted application, related to
     arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h
     (bnc#970504).
   - CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in
     the Linux kernel allowed physically proximate attackers to cause a
     denial of service (NULL pointer dereference and system crash) or
     possibly have unspecified other impact by inserting a USB device that
     lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).
   - CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in
     the Linux kernel did not properly maintain a hub-interface data
     structure, which allowed physically proximate attackers to cause a
     denial of service (invalid memory access and system crash) or possibly
     have unspecified other impact by unplugging a USB hub device
     (bnc#968010).
   - CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c
     in the Linux kernel allowed physically proximate attackers to cause a
     denial of service (NULL pointer dereference and system crash) or
     possibly have unspecified other impact by inserting a USB device that
     lacks a bulk-out endpoint (bnc#961512).
   - CVE-2016-2549: sound/core/hrtimer.c in the Linux kernel did not prevent
     recursive callback access, which allowed local users to cause a denial
     of service (deadlock) via a crafted ioctl call (bnc#968013).
   - CVE-2016-2547: sound/core/timer.c in the Linux kernel employed a locking
     approach that did not consider slave timer instances, which allowed
     local users to cause a denial of service (race condition,
     use-after-free, and system crash) via a crafted ioctl call (bnc#968011).
   - CVE-2016-2548: sound/core/timer.c in the Linux kernel retained certain
     linked lists after a close or stop action, which allowed local users to
     cause a denial of service (system crash) via a crafted ioctl call,
     related to the (1) snd_timer_close and (2) _snd_timer_stop functions
     (bnc#968012).
   - CVE-2016-2546: sound/core/timer.c in the Linux kernel used an incorrect
     type of mutex, which allowed local users to cause a denial of service
     (race condition, use-after-free, and system crash) via a crafted ioctl
     call (bnc#967975).
   - CVE-2016-2545: The snd_timer_interrupt function in sound/core/timer.c in
     the Linux kernel did not properly maintain a certain linked list, which
     allowed local users to cause a denial of service (race condition and
     system crash) via a crafted ioctl call (bnc#967974).
   - CVE-2016-2544: Race condition in the queue_delete function in
     sound/core/seq/seq_queue.c in the Linux kernel allowed local users to
     cause a denial of service (use-after-free and system crash) by making an
     ioctl call at a certain time (bnc#967973).
   - CVE-2016-2543: The snd_seq_ioctl_remove_events function in
     sound/core/seq/seq_clientmgr.c in the Linux kernel did not verify FIFO
     assignment before proceeding with FIFO clearing, which allowed local
     users to cause a denial of service (NULL pointer dereference and OOPS)
     via a crafted ioctl call (bnc#967972).
   - CVE-2016-2384: Double free vulnerability in the snd_usbmidi_create
     function in sound/usb/midi.c in the Linux kernel allowed physically
     proximate attackers to cause a denial of service (panic) or possibly
     have unspecified other impact via vectors involving an invalid USB
     descriptor (bnc#966693).
   - CVE-2015-8812: drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel
     did not properly identify error conditions, which allowed remote
     attackers to execute arbitrary code or cause a denial of service
     (use-after-free) via crafted packets (bnc#966437).
   - CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in
     the Linux kernel allowed local users to cause a denial of service
     (infinite loop) via a writev system call that triggers a zero length for
     the first segment of an iov (bnc#963765).
   - CVE-2016-2069: Race condition in arch/x86/mm/tlb.c in the Linux kernel
     .4.1 allowed local users to gain privileges by triggering access to a
     paging structure by a different CPU (bnc#963767).
   - CVE-2016-0723: Race condition in the tty_ioctl function in
     drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain
     sensitive information from kernel memory or cause a denial of service
     (use-after-free and system crash) by making a TIOCGETD ioctl call during
     processing of a TIOCSETD ioctl call (bnc#961500).
   - CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the
     Linux kernel allowed local users to bypass intended AF_UNIX socket
     permissions or cause a denial of service (panic) via crafted epoll_ctl
     calls (bnc#955654).
   - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not
     properly manage the relationship between a lock and a socket, which
     allowed local users to cause a denial of service (deadlock) via a
     crafted sctp_accept call (bnc#961509).
   - CVE-2015-7515: The aiptek_probe function in
     drivers/input/tablet/aiptek.c in the Linux kernel allowed physically
     proximate attackers to cause a denial of service (NULL pointer
     dereference and system crash) via a crafted USB device that lacks
     endpoints (bnc#956708).
   - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel
     did not validate attempted changes to the MTU value, which allowed
     context-dependent attackers to cause a denial of service (packet loss)
     via a value that is (1) smaller than the minimum compliant value or (2)
     larger than the MTU of an interface, as demonstrated by a Router
     Advertisement (RA) message that is not validated by a daemon, a
     different vulnerability than CVE-2015-0272 (bnc#955354).
   - CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c in
     the Linux kernel did not properly use a semaphore, which allowed local
     users to cause a denial of service (NULL pointer dereference and system
     crash) or possibly have unspecified other impact via a crafted
     application that leverages a race condition between keyctl_revoke and
     keyctl_read calls (bnc#958951).
   - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in
     drivers/net/ppp/pptp.c in the Linux kernel did not verify an address
     length, which allowed local users to obtain sensitive information from
     kernel memory and bypass the KASLR protection mechanism via a crafted
     application (bnc#959190).
   - CVE-2015-8575: The sco_sock_bind function in net/bluetooth/sco.c in the
     Linux kernel did not verify an address length, which allowed local users
     to obtain sensitive information from kernel memory and bypass the KASLR
     protection mechanism via a crafted application (bnc#959399).
   - CVE-2015-8543: The networking implementation in the Linux kernel did not
     validate protocol identifiers for certain protocol families, which
     allowed local users to cause a denial of service (NULL function pointer
     dereference and system crash) or possibly gain privileges by leveraging
     CLONE_NEWUSER support to execute a crafted SOCK_RAW application
     (bnc#958886).
   - CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed local
     users to gain privileges or cause a denial of service (BUG) via crafted
     keyctl commands that negatively instantiate a key, related to
     security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and
     security/keys/user_defined.c (bnc#958463).
   - CVE-2015-7509: fs/ext4/namei.c in the Linux kernel allowed physically
     proximate attackers to cause a denial of service (system crash) via a
     crafted no-journal filesystem, a related issue to CVE-2013-2015
     (bnc#956709).
   - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the
     Linux kernel did not ensure that certain slot numbers are valid, which
     allowed local users to cause a denial of service (NULL pointer
     dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call
     (bnc#949936).
   - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS
     users to cause a denial of service (host OS panic or hang) by triggering
     many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).
   - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS
     users to cause a denial of service (host OS panic or hang) by triggering
     many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c
     (bnc#953527).
   - CVE-2015-7990: Race condition in the rds_sendmsg function in
     net/rds/sendmsg.c in the Linux kernel allowed local users to cause a
     denial of service (NULL pointer dereference and system crash) or
     possibly have unspecified other impact by using a socket that was not
     properly bound (bnc#952384).
   - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in
     the Linux kernel allowed local users to cause a denial of service (OOPS)
     via crafted keyctl commands (bnc#951440).
   - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in
     the Linux kernel allowed local users to cause a denial of service (NULL
     pointer dereference and system crash) or possibly have unspecified other
     impact by using a socket that was not properly bound (bnc#945825).
   - CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in
     the Linux kernel allowed local users to cause a denial of service
     (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers
     permanent file-descriptor allocation (bnc#942367).
   - CVE-2015-3339: Race condition in the prepare_binprm function in
     fs/exec.c in the Linux kernel allowed local users to gain privileges by
     executing a setuid program at a time instant when a chown to root is in
     progress, and the ownership is changed but the setuid bit is not yet
     stripped (bnc#928130).

   The following non-security bugs were fixed:
   - Fix handling of re-write-before-commit for mmapped NFS pages
     (bsc#964201).
   - Fix lpfc_send_rscn_event allocation size claims bnc#935757
   - Fix ntpd clock synchronization in Xen PV domains (bnc#816446).
   - Fix vmalloc_fault oops during lazy MMU updates (bsc#948562).
   - Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).
   - SCSI: bfa: Fix to handle firmware tskim abort request response
     (bsc#972510).
   - USB: usbip: fix potential out-of-bounds write (bnc#975945).
   - af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).
   - dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).
   - mm/hugetlb: check for pte NULL pointer in __page_check_address()
     (bsc#977847).
   - nf_conntrack: fix bsc#758540 kabi fix (bsc#946117).
   - privcmd: allow preempting long running user-mode originating hypercalls
     (bnc#861093).
   - s390/cio: collect format 1 channel-path description data (bsc#966460,
     bsc#966662).
   - s390/cio: ensure consistent measurement state (bsc#966460, bsc#966662).
   - s390/cio: fix measurement characteristics memleak (bsc#966460,
     bsc#966662).
   - s390/cio: update measurement characteristics (bsc#966460, bsc#966662).
   - xfs: Fix lost direct IO write in the last block (bsc#949744).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP2-LTSS:

      zypper in -t patch slessp2-kernel-source-12693=1

   - SUSE Linux Enterprise Debuginfo 11-SP2:

      zypper in -t patch dbgsp2-kernel-source-12693=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64):

      kernel-default-3.0.101-0.7.40.1
      kernel-default-base-3.0.101-0.7.40.1
      kernel-default-devel-3.0.101-0.7.40.1
      kernel-source-3.0.101-0.7.40.1
      kernel-syms-3.0.101-0.7.40.1
      kernel-trace-3.0.101-0.7.40.1
      kernel-trace-base-3.0.101-0.7.40.1
      kernel-trace-devel-3.0.101-0.7.40.1

   - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 x86_64):

      kernel-ec2-3.0.101-0.7.40.1
      kernel-ec2-base-3.0.101-0.7.40.1
      kernel-ec2-devel-3.0.101-0.7.40.1
      kernel-xen-3.0.101-0.7.40.1
      kernel-xen-base-3.0.101-0.7.40.1
      kernel-xen-devel-3.0.101-0.7.40.1

   - SUSE Linux Enterprise Server 11-SP2-LTSS (s390x):

      kernel-default-man-3.0.101-0.7.40.1

   - SUSE Linux Enterprise Server 11-SP2-LTSS (i586):

      kernel-pae-3.0.101-0.7.40.1
      kernel-pae-base-3.0.101-0.7.40.1
      kernel-pae-devel-3.0.101-0.7.40.1

   - SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64):

      kernel-default-debuginfo-3.0.101-0.7.40.1
      kernel-default-debugsource-3.0.101-0.7.40.1
      kernel-default-devel-debuginfo-3.0.101-0.7.40.1
      kernel-trace-debuginfo-3.0.101-0.7.40.1
      kernel-trace-debugsource-3.0.101-0.7.40.1
      kernel-trace-devel-debuginfo-3.0.101-0.7.40.1

   - SUSE Linux Enterprise Debuginfo 11-SP2 (i586 x86_64):

      kernel-ec2-debuginfo-3.0.101-0.7.40.1
      kernel-ec2-debugsource-3.0.101-0.7.40.1
      kernel-xen-debuginfo-3.0.101-0.7.40.1
      kernel-xen-debugsource-3.0.101-0.7.40.1
      kernel-xen-devel-debuginfo-3.0.101-0.7.40.1

   - SUSE Linux Enterprise Debuginfo 11-SP2 (i586):

      kernel-pae-debuginfo-3.0.101-0.7.40.1
      kernel-pae-debugsource-3.0.101-0.7.40.1
      kernel-pae-devel-debuginfo-3.0.101-0.7.40.1


References:

   https://www.suse.com/security/cve/CVE-2013-2015.html
   https://www.suse.com/security/cve/CVE-2013-7446.html
   https://www.suse.com/security/cve/CVE-2015-0272.html
   https://www.suse.com/security/cve/CVE-2015-3339.html
   https://www.suse.com/security/cve/CVE-2015-5307.html
   https://www.suse.com/security/cve/CVE-2015-6252.html
   https://www.suse.com/security/cve/CVE-2015-6937.html
   https://www.suse.com/security/cve/CVE-2015-7509.html
   https://www.suse.com/security/cve/CVE-2015-7515.html
   https://www.suse.com/security/cve/CVE-2015-7550.html
   https://www.suse.com/security/cve/CVE-2015-7566.html
   https://www.suse.com/security/cve/CVE-2015-7799.html
   https://www.suse.com/security/cve/CVE-2015-7872.html
   https://www.suse.com/security/cve/CVE-2015-7990.html
   https://www.suse.com/security/cve/CVE-2015-8104.html
   https://www.suse.com/security/cve/CVE-2015-8215.html
   https://www.suse.com/security/cve/CVE-2015-8539.html
   https://www.suse.com/security/cve/CVE-2015-8543.html
   https://www.suse.com/security/cve/CVE-2015-8569.html
   https://www.suse.com/security/cve/CVE-2015-8575.html
   https://www.suse.com/security/cve/CVE-2015-8767.html
   https://www.suse.com/security/cve/CVE-2015-8785.html
   https://www.suse.com/security/cve/CVE-2015-8812.html
   https://www.suse.com/security/cve/CVE-2015-8816.html
   https://www.suse.com/security/cve/CVE-2016-0723.html
   https://www.suse.com/security/cve/CVE-2016-2069.html
   https://www.suse.com/security/cve/CVE-2016-2143.html
   https://www.suse.com/security/cve/CVE-2016-2184.html
   https://www.suse.com/security/cve/CVE-2016-2185.html
   https://www.suse.com/security/cve/CVE-2016-2186.html
   https://www.suse.com/security/cve/CVE-2016-2188.html
   https://www.suse.com/security/cve/CVE-2016-2384.html
   https://www.suse.com/security/cve/CVE-2016-2543.html
   https://www.suse.com/security/cve/CVE-2016-2544.html
   https://www.suse.com/security/cve/CVE-2016-2545.html
   https://www.suse.com/security/cve/CVE-2016-2546.html
   https://www.suse.com/security/cve/CVE-2016-2547.html
   https://www.suse.com/security/cve/CVE-2016-2548.html
   https://www.suse.com/security/cve/CVE-2016-2549.html
   https://www.suse.com/security/cve/CVE-2016-2782.html
   https://www.suse.com/security/cve/CVE-2016-2847.html
   https://www.suse.com/security/cve/CVE-2016-3134.html
   https://www.suse.com/security/cve/CVE-2016-3137.html
   https://www.suse.com/security/cve/CVE-2016-3138.html
   https://www.suse.com/security/cve/CVE-2016-3139.html
   https://www.suse.com/security/cve/CVE-2016-3140.html
   https://www.suse.com/security/cve/CVE-2016-3156.html
   https://www.suse.com/security/cve/CVE-2016-4486.html
   https://bugzilla.suse.com/816446
   https://bugzilla.suse.com/861093
   https://bugzilla.suse.com/928130
   https://bugzilla.suse.com/935757
   https://bugzilla.suse.com/939826
   https://bugzilla.suse.com/942367
   https://bugzilla.suse.com/945825
   https://bugzilla.suse.com/946117
   https://bugzilla.suse.com/946309
   https://bugzilla.suse.com/948562
   https://bugzilla.suse.com/949744
   https://bugzilla.suse.com/949936
   https://bugzilla.suse.com/951440
   https://bugzilla.suse.com/952384
   https://bugzilla.suse.com/953527
   https://bugzilla.suse.com/954404
   https://bugzilla.suse.com/955354
   https://bugzilla.suse.com/955654
   https://bugzilla.suse.com/956708
   https://bugzilla.suse.com/956709
   https://bugzilla.suse.com/958463
   https://bugzilla.suse.com/958886
   https://bugzilla.suse.com/958951
   https://bugzilla.suse.com/959190
   https://bugzilla.suse.com/959399
   https://bugzilla.suse.com/961500
   https://bugzilla.suse.com/961509
   https://bugzilla.suse.com/961512
   https://bugzilla.suse.com/963765
   https://bugzilla.suse.com/963767
   https://bugzilla.suse.com/964201
   https://bugzilla.suse.com/966437
   https://bugzilla.suse.com/966460
   https://bugzilla.suse.com/966662
   https://bugzilla.suse.com/966693
   https://bugzilla.suse.com/967972
   https://bugzilla.suse.com/967973
   https://bugzilla.suse.com/967974
   https://bugzilla.suse.com/967975
   https://bugzilla.suse.com/968010
   https://bugzilla.suse.com/968011
   https://bugzilla.suse.com/968012
   https://bugzilla.suse.com/968013
   https://bugzilla.suse.com/968670
   https://bugzilla.suse.com/970504
   https://bugzilla.suse.com/970892
   https://bugzilla.suse.com/970909
   https://bugzilla.suse.com/970911
   https://bugzilla.suse.com/970948
   https://bugzilla.suse.com/970956
   https://bugzilla.suse.com/970958
   https://bugzilla.suse.com/970970
   https://bugzilla.suse.com/971124
   https://bugzilla.suse.com/971125
   https://bugzilla.suse.com/971126
   https://bugzilla.suse.com/971360
   https://bugzilla.suse.com/972510
   https://bugzilla.suse.com/973570
   https://bugzilla.suse.com/975945
   https://bugzilla.suse.com/977847
   https://bugzilla.suse.com/978822



More information about the sle-security-updates mailing list